73185d79704fe541cc7048e0c2635ce6692d14c8981e6898ede0dd7bfe810886 | Triage

Submit
Reports

Overview

overview

6

Static

static

1

73185d7970...cs.exe

windows7-x64

6

73185d7970...cs.exe

windows10-2004-x64

6

Sharing

General

Target

73185d79704fe541cc7048e0c2635ce6692d14c8981e6898ede0dd7bfe810886_NeikiAnalytics.exe
Size

1.7MB
Sample

240629-gwj5yavhmk
MD5

24655c02f67b149239d6d072028ee250
SHA1

8539b3e1cdf33bb7d0209b5dbd02823117e49212
SHA256

73185d79704fe541cc7048e0c2635ce6692d14c8981e6898ede0dd7bfe810886
SHA512

9588f7611743ad57e1ae0c7bef90ed62d257dfc5821565d24772d571bca9384911dd5530782df2367e6acc22d9205a78c5aba8546b990701a44f0798a610fa76
SSDEEP

49152:XWUMv5De9/yG9/ooooERQr0tb6H8RlOuQhR5kvR:XWUMqyGB0Z6H8Rl45k

Score

6^/10

bootkit persistence

Static task

static1

Behavioral task

behavioral1

Sample

73185d79704fe541cc7048e0c2635ce6692d14c8981e6898ede0dd7bfe810886_NeikiAnalytics.exe

Resource

win7-20231129-en

bootkit persistence

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

73185d79704fe541cc7048e0c2635ce6692d14c8981e6898ede0dd7bfe810886_NeikiAnalytics.exe

Resource

win10v2004-20240226-en

bootkit persistence

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  73185d79704fe541cc7048e0c2635ce6692d14c8981e6898ede0dd7bfe810886_NeikiAnalytics.exe
- Size
  
  1.7MB
- MD5
  
  24655c02f67b149239d6d072028ee250
- SHA1
  
  8539b3e1cdf33bb7d0209b5dbd02823117e49212
- SHA256
  
  73185d79704fe541cc7048e0c2635ce6692d14c8981e6898ede0dd7bfe810886
- SHA512
  
  9588f7611743ad57e1ae0c7bef90ed62d257dfc5821565d24772d571bca9384911dd5530782df2367e6acc22d9205a78c5aba8546b990701a44f0798a610fa76
- SSDEEP
  
  49152:XWUMv5De9/yG9/ooooERQr0tb6H8RlOuQhR5kvR:XWUMqyGB0Z6H8Rl45k
Score

6^/10

bootkit persistence
- Checks for any installed AV software in registry
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Subvert Trust Controls

Install Root Certificate

Modify Registry

Credential Access

Discovery

Software Discovery

Security Software Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence

© 2018-2024

Terms | Privacy