General
Target
2a79ed53f978040b7a2122648c6a5180_NeikiAnalytics.exe
Size
206KB
Sample
240525-2cy5zadc54
MD5
2a79ed53f978040b7a2122648c6a5180
SHA1
10afe47239a95cad433e86c26ca485070ecfefb8
SHA256
766f32e90c48d8508f021a0be6a037f620f88cf0464eb6220bb110a22e14ca51
SHA512
3ca73f5b189b98971c2668ecc8568adf632174bc450098b9d91ab47f85727ab350b21935da9d2ca487b1c81af5ba5543a93b27384c07c8a3ec080fd775d6946e
SSDEEP
3072:5vEfVUzSLhIVbV6i5LirrlZrHyrUHUckoMQ2RN6unF:5vEN2U+T6i5LirrllHy4HUcMQY6S
Static task
static1
Behavioral task
behavioral1
Sample
2a79ed53f978040b7a2122648c6a5180_NeikiAnalytics.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2a79ed53f978040b7a2122648c6a5180_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
Score
10/10
Modifies WinLogon for persistence
Modifies visibility of hidden/system files in Explorer
Modifies Installed Components in the registry
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (3)
Registry Run Keys / Startup Folder (2)
Winlogon Helper DLL (1)
Privilege Escalation
Boot or Logon Autostart Execution (3)
Registry Run Keys / Startup Folder (2)
Winlogon Helper DLL (1)