Overview

overview

10

Static

static

3

ceb50cfb8c...cs.exe

windows7-x64

10

ceb50cfb8c...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ceb50cfb8c64d8afa8acb05c897679c0_NeikiAnalytics

  • Size

    47KB

  • Sample

    240516-kw81vade25

  • MD5

    ceb50cfb8c64d8afa8acb05c897679c0

  • SHA1

    fc2f680a08879fc6b051f6971b84f9463cd5eb0c

  • SHA256

    e1072fb1ecb08399505e104b44acb9b3392efcd3963f959fca0960720374ab91

  • SHA512

    c65b2102a8427d20389c0e0c3e4ce7b1fe23962738c8e4e898086633ccac591775d29c996c9cbd598183c68061463106b2db261ba2968ca659977d6a6550cc88

  • SSDEEP

    768:jIUWBlygDmHUMc+WqDdYPTY4MtzPCx/na9mV6I3m6+SZxXT3RX:jqygDiUiqPEtbm9Zxrd

Score
10/10
evasionpersistencetrojan

Malware Config

Targets

    • Target

      ceb50cfb8c64d8afa8acb05c897679c0_NeikiAnalytics

    • Size

      47KB

    • MD5

      ceb50cfb8c64d8afa8acb05c897679c0

    • SHA1

      fc2f680a08879fc6b051f6971b84f9463cd5eb0c

    • SHA256

      e1072fb1ecb08399505e104b44acb9b3392efcd3963f959fca0960720374ab91

    • SHA512

      c65b2102a8427d20389c0e0c3e4ce7b1fe23962738c8e4e898086633ccac591775d29c996c9cbd598183c68061463106b2db261ba2968ca659977d6a6550cc88

    • SSDEEP

      768:jIUWBlygDmHUMc+WqDdYPTY4MtzPCx/na9mV6I3m6+SZxXT3RX:jqygDiUiqPEtbm9Zxrd

    Score
    10/10
    evasionpersistencetrojan

    • Windows security bypass

      evasiontrojan

    • Drops file in Drivers directory

    • Modifies Installed Components in the registry

      persistence

    • Sets file execution options in registry

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

      evasiontrojan

    • Modifies WinLogon

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks