153ef192926bced0d8d3c769ba783e5d2fd4d89c46a9bba1e23f065ef1bd1b26 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

153ef192926bced0d8d3c769ba783e5d2fd4d89c46a9bba1e23f065ef1bd1b26_NeikiAnalytics.exe
Size

224KB
Sample

240630-a9jyrs1brd
MD5

ff46b5ba49e910d26f9e3fd46d502bb0
SHA1

2d8378a2b7c0619f29ff793ff9d7a4f653303631
SHA256

153ef192926bced0d8d3c769ba783e5d2fd4d89c46a9bba1e23f065ef1bd1b26
SHA512

4848481d304a476d88cf373f7da24f448c085f84441da2062d5734f8601067f79f16ba32d39dce374afaed70e953f5a0e3b6b4193dc5a0381f5a3ff86a34872c
SSDEEP

6144:WZJMDQ3D9B0LDE4f9FIUpOVw86CmOJfTo9FIUIhrcflDML:W3taAD6RrI1+lDML

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  153ef192926bced0d8d3c769ba783e5d2fd4d89c46a9bba1e23f065ef1bd1b26_NeikiAnalytics.exe
- Size
  
  224KB
- MD5
  
  ff46b5ba49e910d26f9e3fd46d502bb0
- SHA1
  
  2d8378a2b7c0619f29ff793ff9d7a4f653303631
- SHA256
  
  153ef192926bced0d8d3c769ba783e5d2fd4d89c46a9bba1e23f065ef1bd1b26
- SHA512
  
  4848481d304a476d88cf373f7da24f448c085f84441da2062d5734f8601067f79f16ba32d39dce374afaed70e953f5a0e3b6b4193dc5a0381f5a3ff86a34872c
- SSDEEP
  
  6144:WZJMDQ3D9B0LDE4f9FIUpOVw86CmOJfTo9FIUIhrcflDML:W3taAD6RrI1+lDML
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2