a105e843ba071bcb67fccd48d989bbff0e72303e8a57bc31541658f98530ae96 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a105e843ba071bcb67fccd48d989bbff0e72303e8a57bc31541658f98530ae96_NeikiAnalytics.exe
Size

768KB
Sample

240629-mjtrhawajf
MD5

1eb84b49b42dd5be0db7da28b5dbb3a0
SHA1

d55eb61ca6e53efbbb276bbfc1a4363b9690f78e
SHA256

a105e843ba071bcb67fccd48d989bbff0e72303e8a57bc31541658f98530ae96
SHA512

335c28ee4ecdf010e84d5c30afc96a31a9d0a17ad547d604f88f798a464f805d8b67c3ae2ebfd2aab1ddd1e4d7fa10cd7a87aec9837d884f0fa1ae021ae80439
SSDEEP

12288:wtVXvF6IveDVqvQ6IvYvc6IveDVqvQ6IvBaSHaMaZRBEYyqmaf2qwiHPKgRC4gvO:aNq5h3q5htaSHFaZRBEYyqmaf2qwiHPX

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  a105e843ba071bcb67fccd48d989bbff0e72303e8a57bc31541658f98530ae96_NeikiAnalytics.exe
- Size
  
  768KB
- MD5
  
  1eb84b49b42dd5be0db7da28b5dbb3a0
- SHA1
  
  d55eb61ca6e53efbbb276bbfc1a4363b9690f78e
- SHA256
  
  a105e843ba071bcb67fccd48d989bbff0e72303e8a57bc31541658f98530ae96
- SHA512
  
  335c28ee4ecdf010e84d5c30afc96a31a9d0a17ad547d604f88f798a464f805d8b67c3ae2ebfd2aab1ddd1e4d7fa10cd7a87aec9837d884f0fa1ae021ae80439
- SSDEEP
  
  12288:wtVXvF6IveDVqvQ6IvYvc6IveDVqvQ6IvBaSHaMaZRBEYyqmaf2qwiHPKgRC4gvO:aNq5h3q5htaSHFaZRBEYyqmaf2qwiHPX
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2