3603cae0e9b4682cdb9edfb76f92a67535b9a2de1424249607e298b94005c9b0 | Triage

Sharing

General

Target

3603cae0e9b4682cdb9edfb76f92a67535b9a2de1424249607e298b94005c9b0_NeikiAnalytics
Size

1.0MB
Sample

240521-mf6a5aab2v
MD5

83a7009446886b5a6fcc262cdf8fea00
SHA1

c29cae2d6d5c95c87959393bbf4b07d13fc08ab7
SHA256

3603cae0e9b4682cdb9edfb76f92a67535b9a2de1424249607e298b94005c9b0
SHA512

8c313c440a73ffd81104b2fa9aa816054598c34429667606ca528eb5c6b4a93b34c57e2d9cfcafd867df72b0ea01e98223495a021a5fe1985c97932f516ac6a1
SSDEEP

24576:8mUNJyJqb1FcMap2ATT5emUNJyJqb1FcMap2ATT5emUNJyJqb1FcMap2ATT58:8mV2ApemV2ApemV2Ap8

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  3603cae0e9b4682cdb9edfb76f92a67535b9a2de1424249607e298b94005c9b0_NeikiAnalytics
- Size
  
  1.0MB
- MD5
  
  83a7009446886b5a6fcc262cdf8fea00
- SHA1
  
  c29cae2d6d5c95c87959393bbf4b07d13fc08ab7
- SHA256
  
  3603cae0e9b4682cdb9edfb76f92a67535b9a2de1424249607e298b94005c9b0
- SHA512
  
  8c313c440a73ffd81104b2fa9aa816054598c34429667606ca528eb5c6b4a93b34c57e2d9cfcafd867df72b0ea01e98223495a021a5fe1985c97932f516ac6a1
- SSDEEP
  
  24576:8mUNJyJqb1FcMap2ATT5emUNJyJqb1FcMap2ATT5emUNJyJqb1FcMap2ATT58:8mV2ApemV2ApemV2Ap8
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2