479495fc0648ae864421cb01e356659c2c11eea7cd9cbb14f8ad51fee86b77af | Triage

Sharing

General

Target

479495fc0648ae864421cb01e356659c2c11eea7cd9cbb14f8ad51fee86b77af_NeikiAnalytics.exe
Size

188KB
Sample

240701-lkrsvsxdpr
MD5

2eb7ecc8bef2aae532628ae032d63560
SHA1

8f6142727b51f707a15784f145d1f57f3bf9b089
SHA256

479495fc0648ae864421cb01e356659c2c11eea7cd9cbb14f8ad51fee86b77af
SHA512

bde5ef9fa6a4c1f440e3c35107564f3fd34995ad81fea32fe20c077d5bf2b6ba9b79db95014c5fa65940fd8bed5a277f4ceec6ff2d8e40e4723b8676b60d507f
SSDEEP

3072:3nd6ykJDoL9N9Tj1AerDtsr3vhqhEN4MAH+mbPepZBC8qzNJSKrDco:3d6zC9/Tj1AelhEN4MujGJoSoDco

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  479495fc0648ae864421cb01e356659c2c11eea7cd9cbb14f8ad51fee86b77af_NeikiAnalytics.exe
- Size
  
  188KB
- MD5
  
  2eb7ecc8bef2aae532628ae032d63560
- SHA1
  
  8f6142727b51f707a15784f145d1f57f3bf9b089
- SHA256
  
  479495fc0648ae864421cb01e356659c2c11eea7cd9cbb14f8ad51fee86b77af
- SHA512
  
  bde5ef9fa6a4c1f440e3c35107564f3fd34995ad81fea32fe20c077d5bf2b6ba9b79db95014c5fa65940fd8bed5a277f4ceec6ff2d8e40e4723b8676b60d507f
- SSDEEP
  
  3072:3nd6ykJDoL9N9Tj1AerDtsr3vhqhEN4MAH+mbPepZBC8qzNJSKrDco:3d6zC9/Tj1AelhEN4MujGJoSoDco
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2