518e870c0d4f0ac753ed4d63921936ad941e419680f4a46ba3db23dcc9bc45e1 | Triage

Sharing

General

Target

518e870c0d4f0ac753ed4d63921936ad941e419680f4a46ba3db23dcc9bc45e1_NeikiAnalytics.exe
Size

128KB
Sample

240629-c6a8kasdql
MD5

c1fb80603c0fdec13e17c1326b362440
SHA1

db89095204112bf3c2f155a1b544e5f7b1c4ab42
SHA256

518e870c0d4f0ac753ed4d63921936ad941e419680f4a46ba3db23dcc9bc45e1
SHA512

694f384a414bd2d7137e0645d8120a45c78d6f3d3229d77d723b940aff53f6a6f8e7eff3d1817b1ba3ea88dd06937ad50236b12e09dba9c0dff0dd46b96bc52a
SSDEEP

3072:eehryb7G/njxTlRu7HNY7EJ9IDlRxyhTbhgu+tAcrbFAJc+i:eh2dPeiEsDshsrtMk

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  518e870c0d4f0ac753ed4d63921936ad941e419680f4a46ba3db23dcc9bc45e1_NeikiAnalytics.exe
- Size
  
  128KB
- MD5
  
  c1fb80603c0fdec13e17c1326b362440
- SHA1
  
  db89095204112bf3c2f155a1b544e5f7b1c4ab42
- SHA256
  
  518e870c0d4f0ac753ed4d63921936ad941e419680f4a46ba3db23dcc9bc45e1
- SHA512
  
  694f384a414bd2d7137e0645d8120a45c78d6f3d3229d77d723b940aff53f6a6f8e7eff3d1817b1ba3ea88dd06937ad50236b12e09dba9c0dff0dd46b96bc52a
- SSDEEP
  
  3072:eehryb7G/njxTlRu7HNY7EJ9IDlRxyhTbhgu+tAcrbFAJc+i:eh2dPeiEsDshsrtMk
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2