4ad1b6471f46365c4120b7bc1aab4a3473c2c5b45596af90f0fd614ac1db4b93 | Triage

Sharing

General

Target

4ad1b6471f46365c4120b7bc1aab4a3473c2c5b45596af90f0fd614ac1db4b93_NeikiAnalytics.exe
Size

128KB
Sample

240629-cgevfs1grq
MD5

b2436347fb0ccaa04e89988f74c21a10
SHA1

2e808b3e2a93d4f1aa6284db09ee84c46424ce97
SHA256

4ad1b6471f46365c4120b7bc1aab4a3473c2c5b45596af90f0fd614ac1db4b93
SHA512

778a0a7d4b79ceb9a2b6d9a31bacc034964e1e300831682d629582fb54eb773647178405eea78553c83e65a9340bf549feb051359d7e05bfd5814d7e23acfc50
SSDEEP

3072:6NaANL2Ar/AXmmK54+uqTpjG6cVPxMeEvPOdgujv6NLPfFFrKP9:wPNLxYBz3Y7cVJML3OdgawrFZKP

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  4ad1b6471f46365c4120b7bc1aab4a3473c2c5b45596af90f0fd614ac1db4b93_NeikiAnalytics.exe
- Size
  
  128KB
- MD5
  
  b2436347fb0ccaa04e89988f74c21a10
- SHA1
  
  2e808b3e2a93d4f1aa6284db09ee84c46424ce97
- SHA256
  
  4ad1b6471f46365c4120b7bc1aab4a3473c2c5b45596af90f0fd614ac1db4b93
- SHA512
  
  778a0a7d4b79ceb9a2b6d9a31bacc034964e1e300831682d629582fb54eb773647178405eea78553c83e65a9340bf549feb051359d7e05bfd5814d7e23acfc50
- SSDEEP
  
  3072:6NaANL2Ar/AXmmK54+uqTpjG6cVPxMeEvPOdgujv6NLPfFFrKP9:wPNLxYBz3Y7cVJML3OdgawrFZKP
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2