General
Target: a6d5c5144b682dca29bfb61fad048270_NeikiAnalytics
Size: 211KB
Sample: 240513-jj41pacg8x
MD5: a6d5c5144b682dca29bfb61fad048270
SHA1: b16e4beb64073156089586861ccad6eb4d78fc07
SHA256: dc8fda1e8ace5a2864694fd87c2e643623301db7bb4b49cbbcdf94074f541636
SHA512: 58e8c64f64d03765d3d67bbe499b635ce638e69d3552dab24855fa2358cd0ebe3906f05410bd79cc495ed577bc99a97b87018def504b05c10328b7205035ae06
SSDEEP: 3072:JD6Xtx68yygRBE52mxkEOHLRMpZ4deth8PEAjAfIbAYGPhz6sPJBInxZqOZ:Jh8cBzHLRMpZ4d1ZZ
Static task: static1
Behavioral task: behavioral1
Sample: a6d5c5144b682dca29bfb61fad048270_NeikiAnalytics.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: a6d5c5144b682dca29bfb61fad048270_NeikiAnalytics.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: a6d5c5144b682dca29bfb61fad048270_NeikiAnalytics
Score: 10/10
Modifies WinLogon for persistence
Modifies visibility of hidden/system files in Explorer
Modifies Installed Components in the registry
Executes dropped EXE
Adds Run key to start application
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (3)
    Registry Run Keys / Startup Folder (2)
    Winlogon Helper DLL (1)
Privilege Escalation
  Boot or Logon Autostart Execution (3)
    Registry Run Keys / Startup Folder (2)
    Winlogon Helper DLL (1)