251fcbdcffb33f9e41673bac147d878beb053ad1197dab3d428ceb179cc24d83 | Triage

Sharing

General

Target

251fcbdcffb33f9e41673bac147d878beb053ad1197dab3d428ceb179cc24d83_NeikiAnalytics.exe
Size

346KB
Sample

240628-1643mswgpl
MD5

01dc99c6009aa3cba86cffdfa6859900
SHA1

b6e2b00588e2fedc54d37890a3f1482e77613e10
SHA256

251fcbdcffb33f9e41673bac147d878beb053ad1197dab3d428ceb179cc24d83
SHA512

73a2bc207f8ea8aaa3c5058cfd07474883ca1544c81ea037d5be48b3b93886e6965c3970b2e6eccd37ab6ee40abde37814fc8a826e3ac150326e0973dde04ca2
SSDEEP

3072:k+NJLZNgIPgU5QdDrFDHZtObmOm3AIpwbjshrmP24ho1mtye3lFDrFDHZtOk6Tsn:kCdCSho5t13LJhrmMsFj5tzOvfFOM6

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  251fcbdcffb33f9e41673bac147d878beb053ad1197dab3d428ceb179cc24d83_NeikiAnalytics.exe
- Size
  
  346KB
- MD5
  
  01dc99c6009aa3cba86cffdfa6859900
- SHA1
  
  b6e2b00588e2fedc54d37890a3f1482e77613e10
- SHA256
  
  251fcbdcffb33f9e41673bac147d878beb053ad1197dab3d428ceb179cc24d83
- SHA512
  
  73a2bc207f8ea8aaa3c5058cfd07474883ca1544c81ea037d5be48b3b93886e6965c3970b2e6eccd37ab6ee40abde37814fc8a826e3ac150326e0973dde04ca2
- SSDEEP
  
  3072:k+NJLZNgIPgU5QdDrFDHZtObmOm3AIpwbjshrmP24ho1mtye3lFDrFDHZtOk6Tsn:kCdCSho5t13LJhrmMsFj5tzOvfFOM6
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2