ec93471314c0a3ee415db05f9f9128577499ba00bfb71e401c6da5909893ae4d | Triage

Sharing

General

Target

82575a60bad9302a4a572c0e99236690_NeikiAnalytics.exe
Size

72KB
Sample

240523-dzpm2scd33
MD5

82575a60bad9302a4a572c0e99236690
SHA1

0994bef1618838a8503def2ea3030876858c5f16
SHA256

ec93471314c0a3ee415db05f9f9128577499ba00bfb71e401c6da5909893ae4d
SHA512

fe29be4229b9493a7de26f662ec1ed0ecba1a36459e9391c7c99e2bdcda65d84f9788e8220fd4538f167071ba4e0499ea7795d10513151666fa20421826edcfb
SSDEEP

768:x/nEuhThEUAvMgvvd9WhTOng8X6m2AYS1rg1YJZLIgwRdPxCdYLndQxzGp5hhJyQ:xs0evMm+tgg1XS181xbGgdjhh9ZoPbLo

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  82575a60bad9302a4a572c0e99236690_NeikiAnalytics.exe
- Size
  
  72KB
- MD5
  
  82575a60bad9302a4a572c0e99236690
- SHA1
  
  0994bef1618838a8503def2ea3030876858c5f16
- SHA256
  
  ec93471314c0a3ee415db05f9f9128577499ba00bfb71e401c6da5909893ae4d
- SHA512
  
  fe29be4229b9493a7de26f662ec1ed0ecba1a36459e9391c7c99e2bdcda65d84f9788e8220fd4538f167071ba4e0499ea7795d10513151666fa20421826edcfb
- SSDEEP
  
  768:x/nEuhThEUAvMgvvd9WhTOng8X6m2AYS1rg1YJZLIgwRdPxCdYLndQxzGp5hhJyQ:xs0evMm+tgg1XS181xbGgdjhh9ZoPbLo
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Modifies Installed Components in the registry
  persistence
- Sets file execution options in registry
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Modifies WinLogon
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan