37e9666756956230655c0b711f6028e3b17f9b8e2a43b8dda60ef339f52f5e8b | Triage

Sharing

General

Target

81b14e7d9551cc7f2835fd1777ac7940_NeikiAnalytics.exe
Size

73KB
Sample

240523-dxn9hacc34
MD5

81b14e7d9551cc7f2835fd1777ac7940
SHA1

b232a5f0992cc93ccc01d7f3b961d0cdfd3677dd
SHA256

37e9666756956230655c0b711f6028e3b17f9b8e2a43b8dda60ef339f52f5e8b
SHA512

faa2b514f812c3044a515cd6aef4c729a4f4f003c737706387cc923bd789c2942a1e279e5539501e6a9d0b6a99bfaea3a0cb6248e7c392bd760a14b88b6d3ef3
SSDEEP

1536:xl6p585dpr3KCUGCsqq2ku2S+Se0uyMWmiCeiq+uKQy6+2OOSGwm6S+yaG2quiCu:f6XY/3KCUGCsqq2ku2S+Se0uyMWmiCeZ

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  81b14e7d9551cc7f2835fd1777ac7940_NeikiAnalytics.exe
- Size
  
  73KB
- MD5
  
  81b14e7d9551cc7f2835fd1777ac7940
- SHA1
  
  b232a5f0992cc93ccc01d7f3b961d0cdfd3677dd
- SHA256
  
  37e9666756956230655c0b711f6028e3b17f9b8e2a43b8dda60ef339f52f5e8b
- SHA512
  
  faa2b514f812c3044a515cd6aef4c729a4f4f003c737706387cc923bd789c2942a1e279e5539501e6a9d0b6a99bfaea3a0cb6248e7c392bd760a14b88b6d3ef3
- SSDEEP
  
  1536:xl6p585dpr3KCUGCsqq2ku2S+Se0uyMWmiCeiq+uKQy6+2OOSGwm6S+yaG2quiCu:f6XY/3KCUGCsqq2ku2S+Se0uyMWmiCeZ
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Modifies Installed Components in the registry
  persistence
- Sets file execution options in registry
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Modifies WinLogon
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan