General
-
Target
b53c1a4e158485c7f39a446e19ab95d0_NeikiAnalytics
-
Size
260KB
-
Sample
240516-hlan7aha95
-
MD5
b53c1a4e158485c7f39a446e19ab95d0
-
SHA1
a70b5d7d08a4e0f075bb7d602eea64518ddd7969
-
SHA256
6ab1a0ae6ceec3a9630d5c789b6c4c8036e86d33bb95e854cb6398f1b11cd70e
-
SHA512
b50dfa52f7413eeaf33a5ed71ef4d561cdb4d5cb0704d06a218e3e1372d564ebb4e021c0daecba4234e305e92da515293c2364aa679b9d99386649da97b3f835
-
SSDEEP
3072:PWkWRM0We9kVF3GezUroWlBCtCmCdXC1D1NGW1t:PWkWXV9wUezUroW+tCmCCfNGS
Static task
static1
Behavioral task
behavioral1
Sample
b53c1a4e158485c7f39a446e19ab95d0_NeikiAnalytics.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
b53c1a4e158485c7f39a446e19ab95d0_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
b53c1a4e158485c7f39a446e19ab95d0_NeikiAnalytics
Score
10/10
-
Modifies WinLogon for persistence
-
Modifies visibility of hidden/system files in Explorer
-
Drops file in Drivers directory
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (3)
Registry Run Keys / Startup Folder (2)
Winlogon Helper DLL (1)
Privilege Escalation
Boot or Logon Autostart Execution (3)
Registry Run Keys / Startup Folder (2)
Winlogon Helper DLL (1)