General
-
Target
48012e10fe9e30efd0ff7487cf445090_NeikiAnalytics.exe
-
Size
206KB
-
Sample
240529-gxn6aadg48
-
MD5
48012e10fe9e30efd0ff7487cf445090
-
SHA1
b566e43da3be37f71ac79f017d0b1106cbf6ba45
-
SHA256
00c15e390466a62f94b79a28591b01ef0607e3b89fa4e4c1d75eeadf67ae3fcc
-
SHA512
f74a0ceea8ecb8ceed963069715616bc2753b0150569955f8348a35c2a12c06cd4d06331c783a3b2285d1db06120c7cb18828c29705634c9d77b9c7689fa192b
-
SSDEEP
3072:5vEfVUzSLhIVbV6i5LirrlZrHyrUHUckoMQ2RN6uny:5vEN2U+T6i5LirrllHy4HUcMQY6Z
Static task
static1
Behavioral task
behavioral1
Sample
48012e10fe9e30efd0ff7487cf445090_NeikiAnalytics.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
48012e10fe9e30efd0ff7487cf445090_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
48012e10fe9e30efd0ff7487cf445090_NeikiAnalytics.exe
Score
10/10
-
Modifies WinLogon for persistence
-
Modifies visibility of hidden/system files in Explorer
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 3
Registry Run Keys / Startup Folder: 2
Winlogon Helper DLL: 1
Privilege Escalation
Boot or Logon Autostart Execution: 3
Registry Run Keys / Startup Folder: 2
Winlogon Helper DLL: 1