General
-
Target
c65fb8c84b6e6ba1c2f4e9998db0ee90_NeikiAnalytics.exe
-
Size
207KB
-
Sample
240523-j5qp7aae37
-
MD5
c65fb8c84b6e6ba1c2f4e9998db0ee90
-
SHA1
3ddcff24c77cbcbe35388d24ddf002036e150df1
-
SHA256
a9f287a5300275613e46a6d937492627c40d2578d52a794215bce3f5ee3c7311
-
SHA512
f26c69714e31a19172de1c6c6421d5984c88aed7471b670f619ce0562a967fdb59cd31245014521aeb9d18c6bc2951986afc94a8438287dbb7972be7ab78a34a
-
SSDEEP
3072:zvEfVUzSLhIVbV6i5LirrlZrHyrUHUckoMQ2RN6un02:zvEN2U+T6i5LirrllHy4HUcMQY6h2
Malware Config
Targets
-
-
Target
c65fb8c84b6e6ba1c2f4e9998db0ee90_NeikiAnalytics.exe
-
Size
207KB
-
MD5
c65fb8c84b6e6ba1c2f4e9998db0ee90
-
SHA1
3ddcff24c77cbcbe35388d24ddf002036e150df1
-
SHA256
a9f287a5300275613e46a6d937492627c40d2578d52a794215bce3f5ee3c7311
-
SHA512
f26c69714e31a19172de1c6c6421d5984c88aed7471b670f619ce0562a967fdb59cd31245014521aeb9d18c6bc2951986afc94a8438287dbb7972be7ab78a34a
-
SSDEEP
3072:zvEfVUzSLhIVbV6i5LirrlZrHyrUHUckoMQ2RN6un02:zvEN2U+T6i5LirrllHy4HUcMQY6h2
Score10/10-
Modifies WinLogon for persistence
-
Modifies visiblity of hidden/system files in Explorer
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1