7361da24d84a52de1a6ecb830049ca6188563bedf5bb6228c0aa15c83afc3897 | Triage

Sharing

General

Target

568c1890493d26ea85438126c5281880_NeikiAnalytics.exe
Size

72KB
Sample

240522-3cprzada26
MD5

568c1890493d26ea85438126c5281880
SHA1

d9edacbd08a129fde61b6c8a3eb097d78b9cc751
SHA256

7361da24d84a52de1a6ecb830049ca6188563bedf5bb6228c0aa15c83afc3897
SHA512

a1ef007868fdda5a4aab490da5e038c820284dd90bd7ad73b8849e8516083f6837bf434cba6e569b1debed8b8919da0076e9dd8a94a5a18a9d538ca7c4fa4d82
SSDEEP

768:x/nersHM5s39vkq0xEOkhzQLX7v5uZn+5NlemmuLbR+PDl+JTs8SCd+CSPDoP6r0:xJHpt8q03mUqaoPB8TvSrtXr1CNs9Bs

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  568c1890493d26ea85438126c5281880_NeikiAnalytics.exe
- Size
  
  72KB
- MD5
  
  568c1890493d26ea85438126c5281880
- SHA1
  
  d9edacbd08a129fde61b6c8a3eb097d78b9cc751
- SHA256
  
  7361da24d84a52de1a6ecb830049ca6188563bedf5bb6228c0aa15c83afc3897
- SHA512
  
  a1ef007868fdda5a4aab490da5e038c820284dd90bd7ad73b8849e8516083f6837bf434cba6e569b1debed8b8919da0076e9dd8a94a5a18a9d538ca7c4fa4d82
- SSDEEP
  
  768:x/nersHM5s39vkq0xEOkhzQLX7v5uZn+5NlemmuLbR+PDl+JTs8SCd+CSPDoP6r0:xJHpt8q03mUqaoPB8TvSrtXr1CNs9Bs
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Modifies Installed Components in the registry
  persistence
- Sets file execution options in registry
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Modifies WinLogon
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan