d59ba356a888eeebd1645985dbed21e09ff6d04085366f7cb09db6410e6147df | Triage

Sharing

General

Target

c2d737e317f2906d2f55a28a14b89fe0_NeikiAnalytics.exe
Size

215KB
Sample

240526-y29q8abf75
MD5

c2d737e317f2906d2f55a28a14b89fe0
SHA1

dffdefa7ace4362609f1bdec36a2152b385f1aa0
SHA256

d59ba356a888eeebd1645985dbed21e09ff6d04085366f7cb09db6410e6147df
SHA512

ed4686a9b671bc5ecfc66b2306f1a189853b8c9db1a3eabaad041af6904a9259f5fc68e384ddbc46abcb6d1155b15c0698b32d4b47dac5b17acc7bdf35e795ec
SSDEEP

6144:rJcxlKhSGoqTecGy9+hAu7//QnSrMhcZEp:rS8hbTiyqA4QnSQhcZ8

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  c2d737e317f2906d2f55a28a14b89fe0_NeikiAnalytics.exe
- Size
  
  215KB
- MD5
  
  c2d737e317f2906d2f55a28a14b89fe0
- SHA1
  
  dffdefa7ace4362609f1bdec36a2152b385f1aa0
- SHA256
  
  d59ba356a888eeebd1645985dbed21e09ff6d04085366f7cb09db6410e6147df
- SHA512
  
  ed4686a9b671bc5ecfc66b2306f1a189853b8c9db1a3eabaad041af6904a9259f5fc68e384ddbc46abcb6d1155b15c0698b32d4b47dac5b17acc7bdf35e795ec
- SSDEEP
  
  6144:rJcxlKhSGoqTecGy9+hAu7//QnSrMhcZEp:rS8hbTiyqA4QnSQhcZ8
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2