f2a44fcb9e0b4d9b251fdca11d63a8b4ec7bc20d42542e20ddf47604639ad0dd | Triage

Sharing

General

Target

4bd473deddfe14770ec69ed907f8e9d0_NeikiAnalytics
Size

25KB
Sample

240511-3vhrdahf26
MD5

4bd473deddfe14770ec69ed907f8e9d0
SHA1

1501d220eaf16d76c7f69920ff51eed873c9e596
SHA256

f2a44fcb9e0b4d9b251fdca11d63a8b4ec7bc20d42542e20ddf47604639ad0dd
SHA512

36814a97c958dbb478b1cf48623bd3130a6cf1f0f8493b077789394109d3dbef06c69b0c7986c74465e8a4d972fa0563875b6579d5ef720cccb61695f2a0906a
SSDEEP

384:HW0K7WAes2vDqPlW9QZcVX8ru8L/TTssQZWakDu74fHhNqpMQYbxVJHac+:EMs2v9AyX8wsuaAwiFOxnt+

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  4bd473deddfe14770ec69ed907f8e9d0_NeikiAnalytics
- Size
  
  25KB
- MD5
  
  4bd473deddfe14770ec69ed907f8e9d0
- SHA1
  
  1501d220eaf16d76c7f69920ff51eed873c9e596
- SHA256
  
  f2a44fcb9e0b4d9b251fdca11d63a8b4ec7bc20d42542e20ddf47604639ad0dd
- SHA512
  
  36814a97c958dbb478b1cf48623bd3130a6cf1f0f8493b077789394109d3dbef06c69b0c7986c74465e8a4d972fa0563875b6579d5ef720cccb61695f2a0906a
- SSDEEP
  
  384:HW0K7WAes2vDqPlW9QZcVX8ru8L/TTssQZWakDu74fHhNqpMQYbxVJHac+:EMs2v9AyX8wsuaAwiFOxnt+
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Replication Through Removable Media

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Replication Through Removable Media

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2