General
-
Target
137d2513043bafaf4dd9e693241c6680_NeikiAnalytics
-
Size
211KB
-
Sample
240512-qhy7dagb8y
-
MD5
137d2513043bafaf4dd9e693241c6680
-
SHA1
321f54402f34d8037749f43bacc03840d5228186
-
SHA256
ca04e2fdabce831427ceec09b6675f3c547cc4d0fbc6b98c9edae2e478f3662f
-
SHA512
307a9556539b844b8667fb5bfcc674718c407b02e27b5888ad5846c3301fbf6e60c72558bde8ed5f267face970d1fbcde0d2fd94ec863266e321dc974ae34ebb
-
SSDEEP
3072:bDpM9Nvih5c9DE1pvAPXIHLfMgw7ySBL8PEAjAfIbAYGPJz6sPJBINFZ1Fqnv:b1iNKQxENHLfMgw7y9ZrK
Malware Config
Targets
-
-
Target
137d2513043bafaf4dd9e693241c6680_NeikiAnalytics
-
Size
211KB
-
MD5
137d2513043bafaf4dd9e693241c6680
-
SHA1
321f54402f34d8037749f43bacc03840d5228186
-
SHA256
ca04e2fdabce831427ceec09b6675f3c547cc4d0fbc6b98c9edae2e478f3662f
-
SHA512
307a9556539b844b8667fb5bfcc674718c407b02e27b5888ad5846c3301fbf6e60c72558bde8ed5f267face970d1fbcde0d2fd94ec863266e321dc974ae34ebb
-
SSDEEP
3072:bDpM9Nvih5c9DE1pvAPXIHLfMgw7ySBL8PEAjAfIbAYGPJz6sPJBINFZ1Fqnv:b1iNKQxENHLfMgw7y9ZrK
Score10/10-
Modifies WinLogon for persistence
-
Modifies visiblity of hidden/system files in Explorer
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1