9a9ee478046cdd6f4ce66bc92376a9ce860e5dd35efe6c4dd1f8f0ebd03e28f2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5a083c3e06d14aefd44f79177affa810_NeikiAnalytics.exe
Size

212KB
Sample

240519-3bt1asgf6v
MD5

5a083c3e06d14aefd44f79177affa810
SHA1

31c4bab91e19f98bc08c19dd0031528221163ccc
SHA256

9a9ee478046cdd6f4ce66bc92376a9ce860e5dd35efe6c4dd1f8f0ebd03e28f2
SHA512

b7de7e67af0cad859b4114e6215f8518389442c3b34a0d8a2cbea4adde6eb50ea71974e6669bedb6572618a8b2eb3ae1b45cbbd5b6c4c05f6a74167e4dc07ec3
SSDEEP

6144:xxNqLW6opBZMU/y/JEGjg+op2BSNCCr7/jU:3A6NBT/yEGjWwa7vU

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  5a083c3e06d14aefd44f79177affa810_NeikiAnalytics.exe
- Size
  
  212KB
- MD5
  
  5a083c3e06d14aefd44f79177affa810
- SHA1
  
  31c4bab91e19f98bc08c19dd0031528221163ccc
- SHA256
  
  9a9ee478046cdd6f4ce66bc92376a9ce860e5dd35efe6c4dd1f8f0ebd03e28f2
- SHA512
  
  b7de7e67af0cad859b4114e6215f8518389442c3b34a0d8a2cbea4adde6eb50ea71974e6669bedb6572618a8b2eb3ae1b45cbbd5b6c4c05f6a74167e4dc07ec3
- SSDEEP
  
  6144:xxNqLW6opBZMU/y/JEGjg+op2BSNCCr7/jU:3A6NBT/yEGjWwa7vU
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2