9b161e8d117f565845869dfec61dcd9cb53d2f8ddedba9efde34ba4ba88bf984 | Triage

Sharing

General

Target

9b161e8d117f565845869dfec61dcd9cb53d2f8ddedba9efde34ba4ba88bf984_NeikiAnalytics.exe
Size

272KB
Sample

240628-q79z6sshnd
MD5

2d82f703f5a815e294f2434b93fc53e0
SHA1

d59e7f2ed7ee5402a323cbf7cb7e665365ea925f
SHA256

9b161e8d117f565845869dfec61dcd9cb53d2f8ddedba9efde34ba4ba88bf984
SHA512

67de0b6694a82aee0eca603eec8339632c0e73ef450ec2082e4ce67508d5186d87835e0b2980549d6e6145e3f3162b75439c5e462e1893013d33f101e467aa73
SSDEEP

6144:TTTpHcIHjrHByvZ6Mxv5Rar3O6B9fZSLhZmzbByvZ6Mxv5R:Tx8IDLByvNv54B9f01ZmHByvNv5

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  9b161e8d117f565845869dfec61dcd9cb53d2f8ddedba9efde34ba4ba88bf984_NeikiAnalytics.exe
- Size
  
  272KB
- MD5
  
  2d82f703f5a815e294f2434b93fc53e0
- SHA1
  
  d59e7f2ed7ee5402a323cbf7cb7e665365ea925f
- SHA256
  
  9b161e8d117f565845869dfec61dcd9cb53d2f8ddedba9efde34ba4ba88bf984
- SHA512
  
  67de0b6694a82aee0eca603eec8339632c0e73ef450ec2082e4ce67508d5186d87835e0b2980549d6e6145e3f3162b75439c5e462e1893013d33f101e467aa73
- SSDEEP
  
  6144:TTTpHcIHjrHByvZ6Mxv5Rar3O6B9fZSLhZmzbByvZ6Mxv5R:Tx8IDLByvNv54B9f01ZmHByvNv5
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2