af49fb650199b72ecb15c9c086e765d14cefc4259b5c78b15492b374ef75a7aa | Triage

Sharing

General

Target

af49fb650199b72ecb15c9c086e765d14cefc4259b5c78b15492b374ef75a7aa_NeikiAnalytics.exe
Size

120KB
Sample

240629-rtn18asdpr
MD5

d769d2cb936c370a09c5dbd855efcf50
SHA1

bdb9715911e34d6829d001401912c5bf18428890
SHA256

af49fb650199b72ecb15c9c086e765d14cefc4259b5c78b15492b374ef75a7aa
SHA512

430787da6ce61dda8c6ac897b0856fd7462a93f716da83838978b4cdc80cac8eb4f0cb6b7c97c04e23d48372cff0d94b9d2e038e5069cf9a34f866b523b49a0a
SSDEEP

1536:oL+MI3wfWpDnnzR7qjj+w2BQM43OaFEFEg3yNbjz0cZ44mjD9r823F4:Y+z3wfUDnzk+nmM43tlg3AIi/mjRrz3C

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  af49fb650199b72ecb15c9c086e765d14cefc4259b5c78b15492b374ef75a7aa_NeikiAnalytics.exe
- Size
  
  120KB
- MD5
  
  d769d2cb936c370a09c5dbd855efcf50
- SHA1
  
  bdb9715911e34d6829d001401912c5bf18428890
- SHA256
  
  af49fb650199b72ecb15c9c086e765d14cefc4259b5c78b15492b374ef75a7aa
- SHA512
  
  430787da6ce61dda8c6ac897b0856fd7462a93f716da83838978b4cdc80cac8eb4f0cb6b7c97c04e23d48372cff0d94b9d2e038e5069cf9a34f866b523b49a0a
- SSDEEP
  
  1536:oL+MI3wfWpDnnzR7qjj+w2BQM43OaFEFEg3yNbjz0cZ44mjD9r823F4:Y+z3wfUDnzk+nmM43tlg3AIi/mjRrz3C
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2