1c18f811bffee7ca2fc221553c54e2b4e9a36936a2dd22fb77d62749d754886a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1c18f811bffee7ca2fc221553c54e2b4e9a36936a2dd22fb77d62749d754886a_NeikiAnalytics.exe
Size

1.2MB
Sample

240628-z9scksvhmm
MD5

0358956bbee61242b95d0bedb032a710
SHA1

119aff9ccb0eef2ae492b764cecdc55a50b6620c
SHA256

1c18f811bffee7ca2fc221553c54e2b4e9a36936a2dd22fb77d62749d754886a
SHA512

f16f7a78643b5d6bf089d36db67f4d69d6637db9dfd14544293e48f5c611ecffe9946a630c6ad9640a152cc2cef70b6eb4908d3fdf1dbf8bb46ac25477234606
SSDEEP

6144:fP2vP4Ne/Icl4yjThipmMH/gysNkvC8vA+XTv7FYUwMOFusQ+kJ3StWDKcGVol:fP2zFv4pnsKvNA+XTvZHWuEo3oW2to

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  1c18f811bffee7ca2fc221553c54e2b4e9a36936a2dd22fb77d62749d754886a_NeikiAnalytics.exe
- Size
  
  1.2MB
- MD5
  
  0358956bbee61242b95d0bedb032a710
- SHA1
  
  119aff9ccb0eef2ae492b764cecdc55a50b6620c
- SHA256
  
  1c18f811bffee7ca2fc221553c54e2b4e9a36936a2dd22fb77d62749d754886a
- SHA512
  
  f16f7a78643b5d6bf089d36db67f4d69d6637db9dfd14544293e48f5c611ecffe9946a630c6ad9640a152cc2cef70b6eb4908d3fdf1dbf8bb46ac25477234606
- SSDEEP
  
  6144:fP2vP4Ne/Icl4yjThipmMH/gysNkvC8vA+XTv7FYUwMOFusQ+kJ3StWDKcGVol:fP2zFv4pnsKvNA+XTvZHWuEo3oW2to
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2