ffb375afca402076edd2ac48d39f014c47534ac39028d636dc4781db327e7610 | Triage

Sharing

General

Target

a579c32b527899088bc7e8c014809270_NeikiAnalytics.exe
Size

215KB
Sample

240523-mb3z7sch7t
MD5

a579c32b527899088bc7e8c014809270
SHA1

90d9897aca200ad69eb22bc8162e39992cdc02f9
SHA256

ffb375afca402076edd2ac48d39f014c47534ac39028d636dc4781db327e7610
SHA512

7744b6b69f6721ff9850c23ea49d20cf2fe3bba39ced74ce3c476e47dc4dc4bc4b80b1e50563121ed0e3e14b403880653fc76c21df5c99f3f8c0cb6fef3d5269
SSDEEP

6144:4JcxlKhSGoqTecGy9+hAu7//QnSrMhcZEp:4S8hbTiyqA4QnSQhcZ8

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  a579c32b527899088bc7e8c014809270_NeikiAnalytics.exe
- Size
  
  215KB
- MD5
  
  a579c32b527899088bc7e8c014809270
- SHA1
  
  90d9897aca200ad69eb22bc8162e39992cdc02f9
- SHA256
  
  ffb375afca402076edd2ac48d39f014c47534ac39028d636dc4781db327e7610
- SHA512
  
  7744b6b69f6721ff9850c23ea49d20cf2fe3bba39ced74ce3c476e47dc4dc4bc4b80b1e50563121ed0e3e14b403880653fc76c21df5c99f3f8c0cb6fef3d5269
- SSDEEP
  
  6144:4JcxlKhSGoqTecGy9+hAu7//QnSrMhcZEp:4S8hbTiyqA4QnSQhcZ8
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2