a17979184a52fbe989e50dd7bd54b3a63aaf52524a3550751aa669f7f603caf9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a17979184a52fbe989e50dd7bd54b3a63aaf52524a3550751aa669f7f603caf9_NeikiAnalytics.exe
Size

463KB
Sample

240629-mlf87awamh
MD5

de1c97f8f6cc4421e8ea6c3d917ecd10
SHA1

80941722e8e888aba0fbf21ad70ed0bc34809d03
SHA256

a17979184a52fbe989e50dd7bd54b3a63aaf52524a3550751aa669f7f603caf9
SHA512

e9605e3133ccfd02790b111c8394ffd6684a5a3345bc1d740fdc1fd7e42d6de5d917482c43e407a640aca36fe8bfb892ed34bd5ac6ef58a33a31b01fca6382cb
SSDEEP

12288:YMlc87eqqV5e+wBV6O+JywijDvKTOJquAqxjwxfcfsUc:YMSqqHeVBxJwijDvKT6EqyEfsUc

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  a17979184a52fbe989e50dd7bd54b3a63aaf52524a3550751aa669f7f603caf9_NeikiAnalytics.exe
- Size
  
  463KB
- MD5
  
  de1c97f8f6cc4421e8ea6c3d917ecd10
- SHA1
  
  80941722e8e888aba0fbf21ad70ed0bc34809d03
- SHA256
  
  a17979184a52fbe989e50dd7bd54b3a63aaf52524a3550751aa669f7f603caf9
- SHA512
  
  e9605e3133ccfd02790b111c8394ffd6684a5a3345bc1d740fdc1fd7e42d6de5d917482c43e407a640aca36fe8bfb892ed34bd5ac6ef58a33a31b01fca6382cb
- SSDEEP
  
  12288:YMlc87eqqV5e+wBV6O+JywijDvKTOJquAqxjwxfcfsUc:YMSqqHeVBxJwijDvKT6EqyEfsUc
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2