572c28165b93d27a7ca5c764119c8b56a114369f0b375b3fce8c9f510872066b | Triage

Sharing

General

Target

572c28165b93d27a7ca5c764119c8b56a114369f0b375b3fce8c9f510872066b_NeikiAnalytics.exe
Size

653KB
Sample

240629-dp72mssgrl
MD5

f2f31ebcdcc7a8769e4c9023e2681ef0
SHA1

0f8a5703e2a034d3af8fe6d359bd76dbad264fc5
SHA256

572c28165b93d27a7ca5c764119c8b56a114369f0b375b3fce8c9f510872066b
SHA512

3f09ba6db7c2883026f32bcde7f9ccff887fdeea981f5fcab64c31429a1028d05cdc87d35fb99a8aab7645cf08011882bfdc4b08453887159aa93cc080772226
SSDEEP

12288:JJFZqYMOaQ0q9nV/zsnK23KHVI6nodVdyMLiqyVcxwtVxgpMiuzOT6WIzmc:fFZqhOBnVyK23C6OoYMLiVcKtVx4Miur

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  572c28165b93d27a7ca5c764119c8b56a114369f0b375b3fce8c9f510872066b_NeikiAnalytics.exe
- Size
  
  653KB
- MD5
  
  f2f31ebcdcc7a8769e4c9023e2681ef0
- SHA1
  
  0f8a5703e2a034d3af8fe6d359bd76dbad264fc5
- SHA256
  
  572c28165b93d27a7ca5c764119c8b56a114369f0b375b3fce8c9f510872066b
- SHA512
  
  3f09ba6db7c2883026f32bcde7f9ccff887fdeea981f5fcab64c31429a1028d05cdc87d35fb99a8aab7645cf08011882bfdc4b08453887159aa93cc080772226
- SSDEEP
  
  12288:JJFZqYMOaQ0q9nV/zsnK23KHVI6nodVdyMLiqyVcxwtVxgpMiuzOT6WIzmc:fFZqhOBnVyK23C6OoYMLiVcKtVx4Miur
Score

6^/10

bootkit persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Modify Registry

Pre-OS Boot

Bootkit

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence