General
-
Target
b9141e34abecb8593a5e21f331aa5fc0_NeikiAnalytics.exe
-
Size
51KB
-
Sample
240527-n2m74sbe76
-
MD5
b9141e34abecb8593a5e21f331aa5fc0
-
SHA1
9f1480a83962eb775068ceaa8313dd11add07812
-
SHA256
dfdf48c6e2f0310ae5811389f64150df8cb13fe23676a33698a4c6b22d1cd65a
-
SHA512
1afac3ac023ce291a24713d0fd295881ceb42e194735ae1b4c76be1b1622d334340d9581f9aa60b7d607309aea6320bdaa85b6fbbb7e002de48271758fe91bb3
-
SSDEEP
1536:nNJb/HkwoLe29UjQ4wqQOLIMVnS3yjjjjjjjjjjjjjjjjjjjjjjjZ:b+LKSOLIMdgyjjjjjjjjjjjjjjjjjjjJ
Malware Config
Targets
-
-
Target
b9141e34abecb8593a5e21f331aa5fc0_NeikiAnalytics.exe
-
Size
51KB
-
MD5
b9141e34abecb8593a5e21f331aa5fc0
-
SHA1
9f1480a83962eb775068ceaa8313dd11add07812
-
SHA256
dfdf48c6e2f0310ae5811389f64150df8cb13fe23676a33698a4c6b22d1cd65a
-
SHA512
1afac3ac023ce291a24713d0fd295881ceb42e194735ae1b4c76be1b1622d334340d9581f9aa60b7d607309aea6320bdaa85b6fbbb7e002de48271758fe91bb3
-
SSDEEP
1536:nNJb/HkwoLe29UjQ4wqQOLIMVnS3yjjjjjjjjjjjjjjjjjjjjjjjZ:b+LKSOLIMdgyjjjjjjjjjjjjjjjjjjjJ
Score10/10-
Modifies WinLogon for persistence
-
Modifies visiblity of hidden/system files in Explorer
-
Drops file in Drivers directory
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1