28168df50b6b3506796db5856979e5a73fe40be49f460f8690630595d4f8df19 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

28168df50b6b3506796db5856979e5a73fe40be49f460f8690630595d4f8df19_NeikiAnalytics.exe
Size

318KB
Sample

240701-a4e3matgnp
MD5

8bbc23cd244b72017ca4d00aeb28a630
SHA1

f1abfec46848694e7d2c559b62909685025a2e3e
SHA256

28168df50b6b3506796db5856979e5a73fe40be49f460f8690630595d4f8df19
SHA512

305110a2e2c42d2961e15ea5f5df0600caf348a161c85cb886314c624a665c31b1bf192e3069dc41bd0135edd59c00d42706a4ff2f8afb6bee0ba806058d52f2
SSDEEP

6144:xV2qeEOGFRVEQHdMcm4FmowdHoS7c5cm4FmowdHoSrNF9xRVEQHd4:xV2qeEOoO4wFHoS04wFHoSrZx8

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  28168df50b6b3506796db5856979e5a73fe40be49f460f8690630595d4f8df19_NeikiAnalytics.exe
- Size
  
  318KB
- MD5
  
  8bbc23cd244b72017ca4d00aeb28a630
- SHA1
  
  f1abfec46848694e7d2c559b62909685025a2e3e
- SHA256
  
  28168df50b6b3506796db5856979e5a73fe40be49f460f8690630595d4f8df19
- SHA512
  
  305110a2e2c42d2961e15ea5f5df0600caf348a161c85cb886314c624a665c31b1bf192e3069dc41bd0135edd59c00d42706a4ff2f8afb6bee0ba806058d52f2
- SSDEEP
  
  6144:xV2qeEOGFRVEQHdMcm4FmowdHoS7c5cm4FmowdHoSrNF9xRVEQHd4:xV2qeEOoO4wFHoS04wFHoSrZx8
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2