Overview

overview

10

Static

static

10

0261b2f24b...cs.exe

windows7-x64

1

0261b2f24b...cs.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0261b2f24b98b9d5646ed108e7a1e3081e95a9b42e60f1a31e7500144c2372bb_NeikiAnalytics.exe

  • Size

    45KB

  • Sample

    240629-1kj6caxamg

  • MD5

    6879b1eb02f8759fca084c730e700f50

  • SHA1

    bf929c08693f845dcb817d4f5c80d5fe7b4cbbfa

  • SHA256

    0261b2f24b98b9d5646ed108e7a1e3081e95a9b42e60f1a31e7500144c2372bb

  • SHA512

    d1d3697da4b62fb7d203c7bf5503b80372b6dfa99a1e8d7a109178d365ed918a13e247ceab94e413cbfec5ba2a19740fed7d7ffc74a9a16756e2e99870e68b5c

  • SSDEEP

    768:/SisJmceOoIDHoMspLfFpyT7QHbtm+BEyqnN+8Nf:vsJmfOjDILprj4QHbtVEH4Uf

Score
10/10
xenorat

Malware Config

Extracted

Family

xenorat

C2

91.92.248.167

Mutex

Wolid_rat_nd8859g

Attributes
  • delay

    60000

  • install_path

    appdata

  • port

    1280

  • startup_name

    cms

Targets

    • Target

      0261b2f24b98b9d5646ed108e7a1e3081e95a9b42e60f1a31e7500144c2372bb_NeikiAnalytics.exe

    • Size

      45KB

    • MD5

      6879b1eb02f8759fca084c730e700f50

    • SHA1

      bf929c08693f845dcb817d4f5c80d5fe7b4cbbfa

    • SHA256

      0261b2f24b98b9d5646ed108e7a1e3081e95a9b42e60f1a31e7500144c2372bb

    • SHA512

      d1d3697da4b62fb7d203c7bf5503b80372b6dfa99a1e8d7a109178d365ed918a13e247ceab94e413cbfec5ba2a19740fed7d7ffc74a9a16756e2e99870e68b5c

    • SSDEEP

      768:/SisJmceOoIDHoMspLfFpyT7QHbtm+BEyqnN+8Nf:vsJmfOjDILprj4QHbtVEH4Uf

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

2
T1082

Query Registry

1
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks