General
-
Target
25892262fb32e06c0c995217b86c1980_NeikiAnalytics
-
Size
45KB
-
Sample
240514-zrwbhsgf32
-
MD5
25892262fb32e06c0c995217b86c1980
-
SHA1
37ee33a2e5d3159070ca8ad396e2a49b3af07d9b
-
SHA256
7f009cf9041a24ef7ec26ab3a6019a4a398df0c93e645d099ebac392436deff9
-
SHA512
34697c95e8c1fdfb4ff5a6fa0a79f4aa8eb0915bbac0c24f3e30d46c290186c5487917237fc0464334d049ee4f095b70b0a58ee890df1ead021361e095989c39
-
SSDEEP
768:2mFQj8rM9whcqet8WfYUtT92S21XFXRnnePxCXNvF7DFK+5nE0:8AwEmBj3EXHn4x+9a0
Malware Config
Targets
-
-
Target
25892262fb32e06c0c995217b86c1980_NeikiAnalytics
-
Size
45KB
-
MD5
25892262fb32e06c0c995217b86c1980
-
SHA1
37ee33a2e5d3159070ca8ad396e2a49b3af07d9b
-
SHA256
7f009cf9041a24ef7ec26ab3a6019a4a398df0c93e645d099ebac392436deff9
-
SHA512
34697c95e8c1fdfb4ff5a6fa0a79f4aa8eb0915bbac0c24f3e30d46c290186c5487917237fc0464334d049ee4f095b70b0a58ee890df1ead021361e095989c39
-
SSDEEP
768:2mFQj8rM9whcqet8WfYUtT92S21XFXRnnePxCXNvF7DFK+5nE0:8AwEmBj3EXHn4x+9a0
Score10/10-
Modifies WinLogon for persistence
-
Modifies visibility of file extensions in Explorer
-
Modifies visiblity of hidden/system files in Explorer
-
Disables RegEdit via registry modification
-
Disables use of System Restore points
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Registry Run Keys / Startup Folder
1Winlogon Helper DLL
1Event Triggered Execution
1Change Default File Association
1Privilege Escalation
Boot or Logon Autostart Execution
2Registry Run Keys / Startup Folder
1Winlogon Helper DLL
1Event Triggered Execution
1Change Default File Association
1