12dd668553bf467b6379c1daa5fbdd5cb2c338ff970b1755bc42a75d99c21547 | Triage

Submit
Reports

Overview

overview

Static

static

7

12dd668553...cs.exe

windows7-x64

7

12dd668553...cs.exe

windows10-2004-x64

Sharing

General

Target

12dd668553bf467b6379c1daa5fbdd5cb2c338ff970b1755bc42a75d99c21547_NeikiAnalytics.exe
Size

41KB
Sample

240630-ar6d2stfkr
MD5

6726e2b307470d9754183ff1120fb4c0
SHA1

7c4646aef02b11b6d8b603357f6322c532bdab4c
SHA256

12dd668553bf467b6379c1daa5fbdd5cb2c338ff970b1755bc42a75d99c21547
SHA512

8a9f82443ae5c61b4ea7eeff8962cd2f6d6c4d1e5a4d775a9c487754b03e8568e3f4564bd14a3fd9d2571947ac8ea51c5610401dbba0c9822c43e7be3bad657d
SSDEEP

768:AEwHupU99d2JE0jNJJ83+8zzqgTdVY9/:AEwVs+0jNDY1qi/q

Score

10^/10

microsoft persistence phishing product:outlook upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

12dd668553bf467b6379c1daa5fbdd5cb2c338ff970b1755bc42a75d99c21547_NeikiAnalytics.exe

Resource

win7-20240508-en

persistence upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

12dd668553bf467b6379c1daa5fbdd5cb2c338ff970b1755bc42a75d99c21547_NeikiAnalytics.exe

Resource

win10v2004-20240508-en

microsoft persistence phishing product:outlook upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  12dd668553bf467b6379c1daa5fbdd5cb2c338ff970b1755bc42a75d99c21547_NeikiAnalytics.exe
- Size
  
  41KB
- MD5
  
  6726e2b307470d9754183ff1120fb4c0
- SHA1
  
  7c4646aef02b11b6d8b603357f6322c532bdab4c
- SHA256
  
  12dd668553bf467b6379c1daa5fbdd5cb2c338ff970b1755bc42a75d99c21547
- SHA512
  
  8a9f82443ae5c61b4ea7eeff8962cd2f6d6c4d1e5a4d775a9c487754b03e8568e3f4564bd14a3fd9d2571947ac8ea51c5610401dbba0c9822c43e7be3bad657d
- SSDEEP
  
  768:AEwHupU99d2JE0jNJJ83+8zzqgTdVY9/:AEwVs+0jNDY1qi/q
Score

10^/10

persistence upx microsoft phishing product:outlook
- Detected microsoft outlook phishing page
  phishing microsoft product:outlook
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

microsoftpersistencephishingproduct:outlookupx

© 2018-2024

Terms | Privacy