0de603c977d5034fe599c91d0dd918f377ad3ec1e1b50cf30d6d3f5f40cdce61 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7b1f9a1aff1082a9b27c3e11f8028780_NeikiAnalytics
Size

208KB
Sample

240511-exr6tsfe96
MD5

7b1f9a1aff1082a9b27c3e11f8028780
SHA1

c329c41b800cf4c286fc186ae6ae7a2f245b07e3
SHA256

0de603c977d5034fe599c91d0dd918f377ad3ec1e1b50cf30d6d3f5f40cdce61
SHA512

0787db9060c07ff6d53f485dcae8c4c58f4cb030a26c718c0b41e35ff10302be3a88cc0f3ef8f38b84a754e96b6f9fbbc2f47224fa37bf22a037669e7dd98fcc
SSDEEP

6144:rJRDxRqdSqQts6iRZsTZuDbhivDVDN8zqF3:rcjQKUZigDVJ5

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  7b1f9a1aff1082a9b27c3e11f8028780_NeikiAnalytics
- Size
  
  208KB
- MD5
  
  7b1f9a1aff1082a9b27c3e11f8028780
- SHA1
  
  c329c41b800cf4c286fc186ae6ae7a2f245b07e3
- SHA256
  
  0de603c977d5034fe599c91d0dd918f377ad3ec1e1b50cf30d6d3f5f40cdce61
- SHA512
  
  0787db9060c07ff6d53f485dcae8c4c58f4cb030a26c718c0b41e35ff10302be3a88cc0f3ef8f38b84a754e96b6f9fbbc2f47224fa37bf22a037669e7dd98fcc
- SSDEEP
  
  6144:rJRDxRqdSqQts6iRZsTZuDbhivDVDN8zqF3:rcjQKUZigDVJ5
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2