5170fecf18cd269e4f7d75ed2083c7372cfb225d0003ee1ae0c448b5ef049341 | Triage

Sharing

General

Target

5170fecf18cd269e4f7d75ed2083c7372cfb225d0003ee1ae0c448b5ef049341_NeikiAnalytics.exe
Size

128KB
Sample

240701-pep9mavakp
MD5

ea4b02bab2db7ff2a29c34bad2f3bf60
SHA1

37d34970e45a593b6751b5ab74dbf1a684fff1f5
SHA256

5170fecf18cd269e4f7d75ed2083c7372cfb225d0003ee1ae0c448b5ef049341
SHA512

85d36943392a750ee4e40d122b1f4c4925981d5afc87ab9e2c3f5878f66615045c574a78ebfd454e8425896a26bce646a4d8d252ae28950bf2f33aacdde2d01b
SSDEEP

3072:1JO5v/Bd44i4EdWRR9b/FWZZXUmW2wS7IrHrYj:LqvD44i4gWRR9b/IkmHwMOHm

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  5170fecf18cd269e4f7d75ed2083c7372cfb225d0003ee1ae0c448b5ef049341_NeikiAnalytics.exe
- Size
  
  128KB
- MD5
  
  ea4b02bab2db7ff2a29c34bad2f3bf60
- SHA1
  
  37d34970e45a593b6751b5ab74dbf1a684fff1f5
- SHA256
  
  5170fecf18cd269e4f7d75ed2083c7372cfb225d0003ee1ae0c448b5ef049341
- SHA512
  
  85d36943392a750ee4e40d122b1f4c4925981d5afc87ab9e2c3f5878f66615045c574a78ebfd454e8425896a26bce646a4d8d252ae28950bf2f33aacdde2d01b
- SSDEEP
  
  3072:1JO5v/Bd44i4EdWRR9b/FWZZXUmW2wS7IrHrYj:LqvD44i4gWRR9b/IkmHwMOHm
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2