1e3e04246273189b27cfb7dd39610db58fd7f8632ec7a4baff882620df4cefdc | Triage

Sharing

General

Target

63fd01ff89e939210ff736f7edc8e1f0_NeikiAnalytics
Size

218KB
Sample

240512-d3v91ahf33
MD5

63fd01ff89e939210ff736f7edc8e1f0
SHA1

51f3b1e9b48a50165993d326f343f5b9bc340f00
SHA256

1e3e04246273189b27cfb7dd39610db58fd7f8632ec7a4baff882620df4cefdc
SHA512

238035104b69f1fa7da074c51aea1c433149d6ecc76033c2aa52145a4d91b2ad39c0e81f23e2183815b8e1f5b3c4c2a094069838236f4984f9804326578321f6
SSDEEP

3072:Mvm4SZsQrNzPrl6rjGMjp39d4u8iqddCxMIJOb2o5DsBPjim6hwM2H6:K1SyAJp6rjn1gOObn4b6h9h

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  63fd01ff89e939210ff736f7edc8e1f0_NeikiAnalytics
- Size
  
  218KB
- MD5
  
  63fd01ff89e939210ff736f7edc8e1f0
- SHA1
  
  51f3b1e9b48a50165993d326f343f5b9bc340f00
- SHA256
  
  1e3e04246273189b27cfb7dd39610db58fd7f8632ec7a4baff882620df4cefdc
- SHA512
  
  238035104b69f1fa7da074c51aea1c433149d6ecc76033c2aa52145a4d91b2ad39c0e81f23e2183815b8e1f5b3c4c2a094069838236f4984f9804326578321f6
- SSDEEP
  
  3072:Mvm4SZsQrNzPrl6rjGMjp39d4u8iqddCxMIJOb2o5DsBPjim6hwM2H6:K1SyAJp6rjn1gOObn4b6h9h
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2