96ba22d3699cd993c4eb8c7197c38813845f40c2ff72b9f0a7c8dae12c313f22 | Triage

Sharing

General

Target

96ba22d3699cd993c4eb8c7197c38813845f40c2ff72b9f0a7c8dae12c313f22_NeikiAnalytics.exe
Size

2.8MB
Sample

240628-n44mwa1djj
MD5

aae3eedf70f4b99a47343e1f67bfbf00
SHA1

ccc8c91ab8eecdb6985d8b1abd0708e05814633b
SHA256

96ba22d3699cd993c4eb8c7197c38813845f40c2ff72b9f0a7c8dae12c313f22
SHA512

be4228f2cbc6970128700a2e00a27ec20f1279f5898021f904ad6f32c44c61f760fb4759ddf4b4aed7999c5a9d317baa68c53f880f1d29ea787caaff884fdb3e
SSDEEP

49152:/0TCZLk9NuwxKw2TeGzjKD1slPvYPrS8voFxtZHq7NwJEJJTd3RZE7:3wQw2/loD3oFxSwSNRZE7

Score

7^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  96ba22d3699cd993c4eb8c7197c38813845f40c2ff72b9f0a7c8dae12c313f22_NeikiAnalytics.exe
- Size
  
  2.8MB
- MD5
  
  aae3eedf70f4b99a47343e1f67bfbf00
- SHA1
  
  ccc8c91ab8eecdb6985d8b1abd0708e05814633b
- SHA256
  
  96ba22d3699cd993c4eb8c7197c38813845f40c2ff72b9f0a7c8dae12c313f22
- SHA512
  
  be4228f2cbc6970128700a2e00a27ec20f1279f5898021f904ad6f32c44c61f760fb4759ddf4b4aed7999c5a9d317baa68c53f880f1d29ea787caaff884fdb3e
- SSDEEP
  
  49152:/0TCZLk9NuwxKw2TeGzjKD1slPvYPrS8voFxtZHq7NwJEJJTd3RZE7:3wQw2/loD3oFxSwSNRZE7
Score

7^/10

persistence privilege_escalation
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Component Object Model Hijacking

Privilege Escalation

Event Triggered Execution

Component Object Model Hijacking

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceprivilege_escalation

behavioral2

persistenceprivilege_escalation