35351b41ec550d9177727dd495a5db3a5c468f2c4a74344a119d5dc09988fca8 | Triage

Sharing

General

Target

524aa2d7dc607795be925ae33af79000_NeikiAnalytics.exe
Size

208KB
Sample

240522-yt2qmsee9w
MD5

524aa2d7dc607795be925ae33af79000
SHA1

27bdff2eb3bc635a6caed3e608991073cd73eb81
SHA256

35351b41ec550d9177727dd495a5db3a5c468f2c4a74344a119d5dc09988fca8
SHA512

7b5513fde633b3ece95e0db957a9bf3e7439a95956b369b93103f8e823feec75245b00be8846d762bded78bf8b618c1cd462dd6beb8b75a8eae59c4058a1453a
SSDEEP

6144:Qa1oB/yvpK0JCmRcRRR8N0e2kXfCqNidkfk:QbapK0JCmRcU9vVokf

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  524aa2d7dc607795be925ae33af79000_NeikiAnalytics.exe
- Size
  
  208KB
- MD5
  
  524aa2d7dc607795be925ae33af79000
- SHA1
  
  27bdff2eb3bc635a6caed3e608991073cd73eb81
- SHA256
  
  35351b41ec550d9177727dd495a5db3a5c468f2c4a74344a119d5dc09988fca8
- SHA512
  
  7b5513fde633b3ece95e0db957a9bf3e7439a95956b369b93103f8e823feec75245b00be8846d762bded78bf8b618c1cd462dd6beb8b75a8eae59c4058a1453a
- SSDEEP
  
  6144:Qa1oB/yvpK0JCmRcRRR8N0e2kXfCqNidkfk:QbapK0JCmRcU9vVokf
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2