General
-
Target
01ba3daae3d2895e24dfd3e44462b870_NeikiAnalytics.exe
-
Size
503KB
-
Sample
240527-vqwhnsbc21
-
MD5
01ba3daae3d2895e24dfd3e44462b870
-
SHA1
eab2e468b50c062a798bd292abd5cbc2c700603a
-
SHA256
ba0c27fa5e22f3819a4430f2e7e300c6c83524b5f65dedbe1638a0c2d2deba78
-
SHA512
8fd49d7780fbc82db4beb6ddfc8d54ffd613c11f6db8ec95995e21baa3ad166e32806a4c16acbd09ed36056ca9303160637b3aaa6e0fcaffdaec8dc9cca71940
-
SSDEEP
12288:3ENN+T5xYrllrU7QY6yRYiioQzhGTRKhWcFc9k:N5xolYQY6CYjJzhgKhWcFc9k
Malware Config
Targets
-
-
Target
01ba3daae3d2895e24dfd3e44462b870_NeikiAnalytics.exe
-
Size
503KB
-
MD5
01ba3daae3d2895e24dfd3e44462b870
-
SHA1
eab2e468b50c062a798bd292abd5cbc2c700603a
-
SHA256
ba0c27fa5e22f3819a4430f2e7e300c6c83524b5f65dedbe1638a0c2d2deba78
-
SHA512
8fd49d7780fbc82db4beb6ddfc8d54ffd613c11f6db8ec95995e21baa3ad166e32806a4c16acbd09ed36056ca9303160637b3aaa6e0fcaffdaec8dc9cca71940
-
SSDEEP
12288:3ENN+T5xYrllrU7QY6yRYiioQzhGTRKhWcFc9k:N5xolYQY6CYjJzhgKhWcFc9k
Score10/10-
Modifies WinLogon for persistence
-
Modifies visiblity of hidden/system files in Explorer
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1