0cec8f04aea96df10ffffc50d19eaa3e64a4278498a3036e7f168121cad70e6d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0cec8f04aea96df10ffffc50d19eaa3e64a4278498a3036e7f168121cad70e6d_NeikiAnalytics.exe
Size

443KB
Sample

240627-xd2j9sxblr
MD5

e1b698512ae52d6395561979b0f49660
SHA1

5e54f067add81dfaa480c5d4181fc82b4a359c10
SHA256

0cec8f04aea96df10ffffc50d19eaa3e64a4278498a3036e7f168121cad70e6d
SHA512

018b104d67101846af3739bb03a56833f8726ab56211c2bd20edc5b172e1d5c690e7bfc6af7f3dd97c0cb457bed55a46ced61a3b366913673446e9d97e6dc5ca
SSDEEP

6144:YCOAHoQ7zeXmRL13n4GAI13n4GAvs0PEpNF0pNO021fv13n4GA3uKjwszeXmOEgs:Y3AH31J1HJ1Uj+HiPj

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  0cec8f04aea96df10ffffc50d19eaa3e64a4278498a3036e7f168121cad70e6d_NeikiAnalytics.exe
- Size
  
  443KB
- MD5
  
  e1b698512ae52d6395561979b0f49660
- SHA1
  
  5e54f067add81dfaa480c5d4181fc82b4a359c10
- SHA256
  
  0cec8f04aea96df10ffffc50d19eaa3e64a4278498a3036e7f168121cad70e6d
- SHA512
  
  018b104d67101846af3739bb03a56833f8726ab56211c2bd20edc5b172e1d5c690e7bfc6af7f3dd97c0cb457bed55a46ced61a3b366913673446e9d97e6dc5ca
- SSDEEP
  
  6144:YCOAHoQ7zeXmRL13n4GAI13n4GAvs0PEpNF0pNO021fv13n4GA3uKjwszeXmOEgs:Y3AH31J1HJ1Uj+HiPj
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2