526e3ea1ed0d36827e378bf75f78b9f7fa57a6ffc2605e65a5fe0bb503d5d15b | Triage

Sharing

General

Target

526e3ea1ed0d36827e378bf75f78b9f7fa57a6ffc2605e65a5fe0bb503d5d15b_NeikiAnalytics.exe
Size

40KB
Sample

240701-ppfsyavfkj
MD5

b8e580fd4211341d3bc2faf60b8b0660
SHA1

3ee0a1410ebdfcf46142feaa1061de1def3fcfaa
SHA256

526e3ea1ed0d36827e378bf75f78b9f7fa57a6ffc2605e65a5fe0bb503d5d15b
SHA512

d850474569857224d766abc97a316671711eb293e235938647eb66972a9cc5455ded6ffc3377f1a32acd52f9363f9af2fa17f6c701e499c34dd4e409b40e302b
SSDEEP

768:DqPJtsA6C1VqahohtgVRNToV7TtRu8rM0wYVFl2g5coW58dO0xXHV2EfKYfdhNh7:DqMA6C1VqaqhtgVRNToV7TtRu8rM0wYb

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  526e3ea1ed0d36827e378bf75f78b9f7fa57a6ffc2605e65a5fe0bb503d5d15b_NeikiAnalytics.exe
- Size
  
  40KB
- MD5
  
  b8e580fd4211341d3bc2faf60b8b0660
- SHA1
  
  3ee0a1410ebdfcf46142feaa1061de1def3fcfaa
- SHA256
  
  526e3ea1ed0d36827e378bf75f78b9f7fa57a6ffc2605e65a5fe0bb503d5d15b
- SHA512
  
  d850474569857224d766abc97a316671711eb293e235938647eb66972a9cc5455ded6ffc3377f1a32acd52f9363f9af2fa17f6c701e499c34dd4e409b40e302b
- SSDEEP
  
  768:DqPJtsA6C1VqahohtgVRNToV7TtRu8rM0wYVFl2g5coW58dO0xXHV2EfKYfdhNh7:DqMA6C1VqaqhtgVRNToV7TtRu8rM0wYb
Score

7^/10

persistence
- Deletes itself
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2