1d17bada628e6dbba0d5a0d58c00befb611a6b1b453ca2d1ed5eee34b99e7f7b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

09d536f4273e2f2293c0650b67bbe9d0_NeikiAnalytics.exe
Size

212KB
Sample

240527-wxx6hsea69
MD5

09d536f4273e2f2293c0650b67bbe9d0
SHA1

d15a7256442e2e388d55a9fb0b5b4735c4254207
SHA256

1d17bada628e6dbba0d5a0d58c00befb611a6b1b453ca2d1ed5eee34b99e7f7b
SHA512

b89855a90471421937c3be7b21cc1e75aead128826cd532922b0427e20531b37c2f74f45ea7a2fd8567a51dc2d96348afc31bf69e9ffa2b6d8e746e33f94fb5f
SSDEEP

6144:yxNqLW6opBZMU/y/JEGjg+op2BSNCCr7/jU:sA6NBT/yEGjWwa7vU

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  09d536f4273e2f2293c0650b67bbe9d0_NeikiAnalytics.exe
- Size
  
  212KB
- MD5
  
  09d536f4273e2f2293c0650b67bbe9d0
- SHA1
  
  d15a7256442e2e388d55a9fb0b5b4735c4254207
- SHA256
  
  1d17bada628e6dbba0d5a0d58c00befb611a6b1b453ca2d1ed5eee34b99e7f7b
- SHA512
  
  b89855a90471421937c3be7b21cc1e75aead128826cd532922b0427e20531b37c2f74f45ea7a2fd8567a51dc2d96348afc31bf69e9ffa2b6d8e746e33f94fb5f
- SSDEEP
  
  6144:yxNqLW6opBZMU/y/JEGjg+op2BSNCCr7/jU:sA6NBT/yEGjWwa7vU
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2