adad12645094fec0f09334a9c4e3de40ea9323ac84e29cf516aee7b4cfa4e017 | Triage

Sharing

General

Target

adad12645094fec0f09334a9c4e3de40ea9323ac84e29cf516aee7b4cfa4e017_NeikiAnalytics.exe
Size

64KB
Sample

240629-qw4c9aydle
MD5

4dc145c5b56cc8629cbbdfeaddf722c0
SHA1

08763975f3d901efde29565c2a27c49fc25b1787
SHA256

adad12645094fec0f09334a9c4e3de40ea9323ac84e29cf516aee7b4cfa4e017
SHA512

43ba2854c442dfe4078fb0a88b8b2c4a631a2698a1ba54008da8fb8009edacce855f003270758801cee14cbdc0a2bca981207825ac5fa4b7bb04bbf24a661bae
SSDEEP

768:TNMHlxv1TLVEamDSrgt3bCRGx5+vnlOWDznmsbVF++uQs0SPjC2yUWOH8:TNMXdTLV+DNEvnlpDznRv+YVyjCLU2

Score

10^/10

evasion

Malware Config

Targets

- Target
  
  adad12645094fec0f09334a9c4e3de40ea9323ac84e29cf516aee7b4cfa4e017_NeikiAnalytics.exe
- Size
  
  64KB
- MD5
  
  4dc145c5b56cc8629cbbdfeaddf722c0
- SHA1
  
  08763975f3d901efde29565c2a27c49fc25b1787
- SHA256
  
  adad12645094fec0f09334a9c4e3de40ea9323ac84e29cf516aee7b4cfa4e017
- SHA512
  
  43ba2854c442dfe4078fb0a88b8b2c4a631a2698a1ba54008da8fb8009edacce855f003270758801cee14cbdc0a2bca981207825ac5fa4b7bb04bbf24a661bae
- SSDEEP
  
  768:TNMHlxv1TLVEamDSrgt3bCRGx5+vnlOWDznmsbVF++uQs0SPjC2yUWOH8:TNMXdTLV+DNEvnlpDznRv+YVyjCLU2
Score

10^/10

evasion
- Modifies firewall policy service
  evasion
- Drops file in Drivers directory
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2