581a7adaee103687707df18d0e768406d0f63d4e0243fceee9f8bb8d92ff7d77 | Triage

Sharing

General

Target

581a7adaee103687707df18d0e768406d0f63d4e0243fceee9f8bb8d92ff7d77_NeikiAnalytics.exe
Size

128KB
Sample

240701-rpnjwszdnp
MD5

8e47bc12cb945cd03ead3b4b9c8b64e0
SHA1

4a108cf9cfccb833ced64d4a3cadc477dc048675
SHA256

581a7adaee103687707df18d0e768406d0f63d4e0243fceee9f8bb8d92ff7d77
SHA512

bc879ec21ccaae27e349a80b58b55dfc44b1a2e24619bb381043637d41a8d9fcb1e9d252f206503ab8d7a89a1a5e45a6b078085bf4dd9e65cc0bc97257a015dd
SSDEEP

3072:tbioh5y0x2QKeGB2/BhHmiImXJ2fYdV46nfPyxWhj8NCM/r:tuo+gKea4BhHmNEcYj9nhV8NCU

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  581a7adaee103687707df18d0e768406d0f63d4e0243fceee9f8bb8d92ff7d77_NeikiAnalytics.exe
- Size
  
  128KB
- MD5
  
  8e47bc12cb945cd03ead3b4b9c8b64e0
- SHA1
  
  4a108cf9cfccb833ced64d4a3cadc477dc048675
- SHA256
  
  581a7adaee103687707df18d0e768406d0f63d4e0243fceee9f8bb8d92ff7d77
- SHA512
  
  bc879ec21ccaae27e349a80b58b55dfc44b1a2e24619bb381043637d41a8d9fcb1e9d252f206503ab8d7a89a1a5e45a6b078085bf4dd9e65cc0bc97257a015dd
- SSDEEP
  
  3072:tbioh5y0x2QKeGB2/BhHmiImXJ2fYdV46nfPyxWhj8NCM/r:tuo+gKea4BhHmNEcYj9nhV8NCU
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2