9056dc4e3ede0d8ba77e7dd6a153c8aca4e15304af92956adcbba6adf0dd4fbe | Triage

Sharing

General

Target

9056dc4e3ede0d8ba77e7dd6a153c8aca4e15304af92956adcbba6adf0dd4fbe_NeikiAnalytics.exe
Size

67KB
Sample

240628-k5ztjavall
MD5

edf3699a880c553e8db5ca4923531e80
SHA1

46d330c0b89c320fc6954ad8dfd9d682ce98472d
SHA256

9056dc4e3ede0d8ba77e7dd6a153c8aca4e15304af92956adcbba6adf0dd4fbe
SHA512

03b1a480e487d837c5f63e24542a4ddc19a95731ed7e77dfa30c05dd7c84b0a3a9255d020ca7597fe147d86160c28f9ac06235a0a211f4cb0e32d315758ac29c
SSDEEP

1536:CzTSul4ChTrGAYarrXOeaT+/y7CPQxRxMy5yXA351cgCe8uC:cTziKaTLhxM3AJugCe8uC

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  9056dc4e3ede0d8ba77e7dd6a153c8aca4e15304af92956adcbba6adf0dd4fbe_NeikiAnalytics.exe
- Size
  
  67KB
- MD5
  
  edf3699a880c553e8db5ca4923531e80
- SHA1
  
  46d330c0b89c320fc6954ad8dfd9d682ce98472d
- SHA256
  
  9056dc4e3ede0d8ba77e7dd6a153c8aca4e15304af92956adcbba6adf0dd4fbe
- SHA512
  
  03b1a480e487d837c5f63e24542a4ddc19a95731ed7e77dfa30c05dd7c84b0a3a9255d020ca7597fe147d86160c28f9ac06235a0a211f4cb0e32d315758ac29c
- SSDEEP
  
  1536:CzTSul4ChTrGAYarrXOeaT+/y7CPQxRxMy5yXA351cgCe8uC:cTziKaTLhxM3AJugCe8uC
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2