8a78df15f0c83a823f8717809151e97b27c56928b7ee36d34d616ca80be76aea | Triage

Sharing

General

Target

1c38cd24ba7037872b4af4a6f9a56ee0_NeikiAnalytics
Size

82KB
Sample

240514-yw71faef96
MD5

1c38cd24ba7037872b4af4a6f9a56ee0
SHA1

7ddaf91cdba9d05beaf63f0a67b619510b1e8c6a
SHA256

8a78df15f0c83a823f8717809151e97b27c56928b7ee36d34d616ca80be76aea
SHA512

46be882ac600cbbe52c325f4bb44ae2be078e1ebf15650550361fe8727d65c45ab293901f9f7841829083d0d9369c67799ecc84de273a8d1ea9b499735dde118
SSDEEP

1536:4aiqH1s+kCtrA2UMT0mTFibDKa1XkHnsvxLDZZf+J:51B31bdBob2QXacxvX+J

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  1c38cd24ba7037872b4af4a6f9a56ee0_NeikiAnalytics
- Size
  
  82KB
- MD5
  
  1c38cd24ba7037872b4af4a6f9a56ee0
- SHA1
  
  7ddaf91cdba9d05beaf63f0a67b619510b1e8c6a
- SHA256
  
  8a78df15f0c83a823f8717809151e97b27c56928b7ee36d34d616ca80be76aea
- SHA512
  
  46be882ac600cbbe52c325f4bb44ae2be078e1ebf15650550361fe8727d65c45ab293901f9f7841829083d0d9369c67799ecc84de273a8d1ea9b499735dde118
- SSDEEP
  
  1536:4aiqH1s+kCtrA2UMT0mTFibDKa1XkHnsvxLDZZf+J:51B31bdBob2QXacxvX+J
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2