b5d798824078140fba8282b71d405b71fb8352e2f397265205d6b11c7e4ebc40 | Triage

Sharing

General

Target

b5d798824078140fba8282b71d405b71fb8352e2f397265205d6b11c7e4ebc40_NeikiAnalytics.exe
Size

188KB
Sample

240629-wf235svhlq
MD5

f30ed38d00d93ab176d54071061f7e40
SHA1

977bcfc78a2c3fa218ada2ac726d848595019905
SHA256

b5d798824078140fba8282b71d405b71fb8352e2f397265205d6b11c7e4ebc40
SHA512

aa3aa501dd5d70ed2ba2e3d351903358cc7474c86cddb580f0d7411558b3ca5165b1226bc58922f3d927c856b2f794105bc85cff7f0b0cf18983abdda1bc4128
SSDEEP

3072:GF4pGoN4j1M3ga+bgeX68ZnEnt1AerDtsr3vhqhEN4MAH+mbPepZBC8qzNJSKrDj:EINE1MORmnt1AelhEN4MujGJoSoDco

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  b5d798824078140fba8282b71d405b71fb8352e2f397265205d6b11c7e4ebc40_NeikiAnalytics.exe
- Size
  
  188KB
- MD5
  
  f30ed38d00d93ab176d54071061f7e40
- SHA1
  
  977bcfc78a2c3fa218ada2ac726d848595019905
- SHA256
  
  b5d798824078140fba8282b71d405b71fb8352e2f397265205d6b11c7e4ebc40
- SHA512
  
  aa3aa501dd5d70ed2ba2e3d351903358cc7474c86cddb580f0d7411558b3ca5165b1226bc58922f3d927c856b2f794105bc85cff7f0b0cf18983abdda1bc4128
- SSDEEP
  
  3072:GF4pGoN4j1M3ga+bgeX68ZnEnt1AerDtsr3vhqhEN4MAH+mbPepZBC8qzNJSKrDj:EINE1MORmnt1AelhEN4MujGJoSoDco
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2