2fc1731b013dff8b7390780106fa8ebc941d9867ce95d0c6dcc6e631cbaaa663 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2fc1731b013dff8b7390780106fa8ebc941d9867ce95d0c6dcc6e631cbaaa663_NeikiAnalytics.exe
Size

128KB
Sample

240701-dayjnatfkb
MD5

548dde00f7bc69181955d995312bd530
SHA1

0cf53a7ed4a2714f0ed87bcaaf2858c31b5f8bbe
SHA256

2fc1731b013dff8b7390780106fa8ebc941d9867ce95d0c6dcc6e631cbaaa663
SHA512

8a9808b39ceb616bef1bfedee7f788ef267bda31d4d166b60ad2aa63687045613fe383c02122b9a04711ac102b244de7afa56020f9f528b669354ac76f687f67
SSDEEP

3072:LMXyKbmNcQEMDd1AZoUBW3FJeRuaWNXmgu+tB:4JyOLudWZHEFJ7aWN1B

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  2fc1731b013dff8b7390780106fa8ebc941d9867ce95d0c6dcc6e631cbaaa663_NeikiAnalytics.exe
- Size
  
  128KB
- MD5
  
  548dde00f7bc69181955d995312bd530
- SHA1
  
  0cf53a7ed4a2714f0ed87bcaaf2858c31b5f8bbe
- SHA256
  
  2fc1731b013dff8b7390780106fa8ebc941d9867ce95d0c6dcc6e631cbaaa663
- SHA512
  
  8a9808b39ceb616bef1bfedee7f788ef267bda31d4d166b60ad2aa63687045613fe383c02122b9a04711ac102b244de7afa56020f9f528b669354ac76f687f67
- SSDEEP
  
  3072:LMXyKbmNcQEMDd1AZoUBW3FJeRuaWNXmgu+tB:4JyOLudWZHEFJ7aWN1B
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2