583e88404473dede2a6bf5713048a28705d337ff7f830ad7ae067cfff8b91b7d | Triage

Sharing

General

Target

74187866ff91a48ddbce2cbb85ed0dd0_NeikiAnalytics.exe
Size

203KB
Sample

240523-ch2evaaa75
MD5

74187866ff91a48ddbce2cbb85ed0dd0
SHA1

a5b5c7a868cef52b3b52291e8eb641fbe1376bb5
SHA256

583e88404473dede2a6bf5713048a28705d337ff7f830ad7ae067cfff8b91b7d
SHA512

f713433ee06f610367096dfb22244172a5c39aaff9d79e339e73126c2ee5352441ea95b868186b97bd6f45c8acdc50c9885adad230c1e759974588e93108f63e
SSDEEP

3072:i1g2ZB+GEhO118/bPyKxM4QTJt2cWGsNPKisJoyjK7yGAe9Q0enyU8GZqaP+wPml:chYzxMlNNsAisDRGAL0eyUBnPrPO

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  74187866ff91a48ddbce2cbb85ed0dd0_NeikiAnalytics.exe
- Size
  
  203KB
- MD5
  
  74187866ff91a48ddbce2cbb85ed0dd0
- SHA1
  
  a5b5c7a868cef52b3b52291e8eb641fbe1376bb5
- SHA256
  
  583e88404473dede2a6bf5713048a28705d337ff7f830ad7ae067cfff8b91b7d
- SHA512
  
  f713433ee06f610367096dfb22244172a5c39aaff9d79e339e73126c2ee5352441ea95b868186b97bd6f45c8acdc50c9885adad230c1e759974588e93108f63e
- SSDEEP
  
  3072:i1g2ZB+GEhO118/bPyKxM4QTJt2cWGsNPKisJoyjK7yGAe9Q0enyU8GZqaP+wPml:chYzxMlNNsAisDRGAL0eyUBnPrPO
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2