General
Target: 0c60445f32feadc0322d7d5965d08c70_NeikiAnalytics.exe
Size: 200KB
Sample: 240530-q7tcesag9t
MD5: 0c60445f32feadc0322d7d5965d08c70
SHA1: 30d1269d7910176b630763103b0c4d16626b6cac
SHA256: 13bbbeac603e543f41e229bde50d96d08596e9fa3587babd11755a5db73e614d
SHA512: 53b88fe58963b438ec5ecb735a0ee7b93d0fe2966169e2bf8f26e50aee037b77a9477977af755b21a93d2b5729a06182a450bb8e61b396911fe7851ace9b822c
SSDEEP: 3072:7vEfVUzSLhIVbV6i5LirrlZrHyrUHUckoMQ2RN6uBL9iN:7vEN2U+T6i5LirrllHy4HUcMQY6C9iN
Static task: static1
Behavioral task: behavioral1
Sample: 0c60445f32feadc0322d7d5965d08c70_NeikiAnalytics.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 0c60445f32feadc0322d7d5965d08c70_NeikiAnalytics.exe
Resource: win10v2004-20240426-en
Malware Config
Targets
Target: 0c60445f32feadc0322d7d5965d08c70_NeikiAnalytics.exe
Score: 10/10
Modifies WinLogon for persistence
Modifies visibility of hidden/system files in Explorer
Modifies Installed Components in the registry
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (3)
    Registry Run Keys / Startup Folder (2)
    Winlogon Helper DLL (1)
Privilege Escalation
  Boot or Logon Autostart Execution (3)
    Registry Run Keys / Startup Folder (2)
    Winlogon Helper DLL (1)