ac9ddf6c9b865a83a300b24818981ce2451d7f3609e7ab2eb340312214eccfaa | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ac9ddf6c9b865a83a300b24818981ce2451d7f3609e7ab2eb340312214eccfaa_NeikiAnalytics.exe
Size

1.1MB
Sample

240629-qa8e3s1cpp
MD5

cfd6f4890a2dfffa14a4cf9959ac5b20
SHA1

06a6d8f89b1d616666a8d6ba15b3eaddac08d7b8
SHA256

ac9ddf6c9b865a83a300b24818981ce2451d7f3609e7ab2eb340312214eccfaa
SHA512

50015404d1aea1de5b26a351991e158e2001b412c0da253057565b1f141d617058be00e4e2b808c1adc8e198e1d61180ebdaa118879a9b4ef5249266cad871c2
SSDEEP

24576:cF+byfDEdiOq64/+dIIhavuPO20ActdbMJnrnLI4ZBtZLapv:I+sES+qVvqJctArnZJ1I

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  ac9ddf6c9b865a83a300b24818981ce2451d7f3609e7ab2eb340312214eccfaa_NeikiAnalytics.exe
- Size
  
  1.1MB
- MD5
  
  cfd6f4890a2dfffa14a4cf9959ac5b20
- SHA1
  
  06a6d8f89b1d616666a8d6ba15b3eaddac08d7b8
- SHA256
  
  ac9ddf6c9b865a83a300b24818981ce2451d7f3609e7ab2eb340312214eccfaa
- SHA512
  
  50015404d1aea1de5b26a351991e158e2001b412c0da253057565b1f141d617058be00e4e2b808c1adc8e198e1d61180ebdaa118879a9b4ef5249266cad871c2
- SSDEEP
  
  24576:cF+byfDEdiOq64/+dIIhavuPO20ActdbMJnrnLI4ZBtZLapv:I+sES+qVvqJctArnZJ1I
Score

10^/10

evasion persistence
- Modifies firewall policy service
  evasion
- Adds policy Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence