f891aff26c5b06467e96ce45db14e0b5c400fe1a66b2a8fcc39bd50e5e94556a | Triage

Sharing

General

Target

705c6b9d5924934f4e89a3a5522e2350_NeikiAnalytics.exe
Size

72KB
Sample

240523-b59t3ahc95
MD5

705c6b9d5924934f4e89a3a5522e2350
SHA1

6e50537d39093813c8f408d98c3e1acab6c03105
SHA256

f891aff26c5b06467e96ce45db14e0b5c400fe1a66b2a8fcc39bd50e5e94556a
SHA512

0863adb51409d0fb59a7efb9b86c366476b4acd5c282dafbb23eb881c828778b69f030a589d434951955f95043ffaae06f78e48aad1c4b8b0d14a0b8dad05996
SSDEEP

1536:xuBPdTu5bkUNdMc/XPaNzodFEegkO+XM+MJV:gBPdqRpMcX8zGEeO+XM+gV

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  705c6b9d5924934f4e89a3a5522e2350_NeikiAnalytics.exe
- Size
  
  72KB
- MD5
  
  705c6b9d5924934f4e89a3a5522e2350
- SHA1
  
  6e50537d39093813c8f408d98c3e1acab6c03105
- SHA256
  
  f891aff26c5b06467e96ce45db14e0b5c400fe1a66b2a8fcc39bd50e5e94556a
- SHA512
  
  0863adb51409d0fb59a7efb9b86c366476b4acd5c282dafbb23eb881c828778b69f030a589d434951955f95043ffaae06f78e48aad1c4b8b0d14a0b8dad05996
- SSDEEP
  
  1536:xuBPdTu5bkUNdMc/XPaNzodFEegkO+XM+MJV:gBPdqRpMcX8zGEeO+XM+gV
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Modifies Installed Components in the registry
  persistence
- Sets file execution options in registry
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Modifies WinLogon
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan