108f422d7d266ed96d0668f92f84a7fb1371c478a59c4b372cf4dba1676329c9 | Triage

Sharing

General

Target

6eed5303d444dd20f35a27e641611b70_NeikiAnalytics.exe
Size

73KB
Sample

240523-b12ynagh41
MD5

6eed5303d444dd20f35a27e641611b70
SHA1

3faa78264bf95c9e97cfba38368e8c7b19829a86
SHA256

108f422d7d266ed96d0668f92f84a7fb1371c478a59c4b372cf4dba1676329c9
SHA512

728e71027732060410e357f96bbc586f1db522ac8aaf7a79a4baeba962d7128abc24255620fa284b5e301b82282f43d6a6b63351c3631c13403aa1f58a080035
SSDEEP

768:x/nlrF9TAbYmFr1BndWdhKjJFJLLeTYSOmPPxfXjGca8Iaxqm4Ts9s5qCfRpXMRb:x5FNAlTnd+5rO0PxfXZVBZq5qYXMEY

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  6eed5303d444dd20f35a27e641611b70_NeikiAnalytics.exe
- Size
  
  73KB
- MD5
  
  6eed5303d444dd20f35a27e641611b70
- SHA1
  
  3faa78264bf95c9e97cfba38368e8c7b19829a86
- SHA256
  
  108f422d7d266ed96d0668f92f84a7fb1371c478a59c4b372cf4dba1676329c9
- SHA512
  
  728e71027732060410e357f96bbc586f1db522ac8aaf7a79a4baeba962d7128abc24255620fa284b5e301b82282f43d6a6b63351c3631c13403aa1f58a080035
- SSDEEP
  
  768:x/nlrF9TAbYmFr1BndWdhKjJFJLLeTYSOmPPxfXjGca8Iaxqm4Ts9s5qCfRpXMRb:x5FNAlTnd+5rO0PxfXZVBZq5qYXMEY
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Modifies Installed Components in the registry
  persistence
- Sets file execution options in registry
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Modifies WinLogon
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan