237348ca313f2d6fc8c8cb314a2723c39fd3c11cc02404a0972f2cfdaa374ed8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

79e974dbc6672bdd5166fd0cdce372c0_NeikiAnalytics.exe
Size

237KB
Sample

240531-gnyclaab89
MD5

79e974dbc6672bdd5166fd0cdce372c0
SHA1

b42851f07ec0d593a49355b15191339b88891460
SHA256

237348ca313f2d6fc8c8cb314a2723c39fd3c11cc02404a0972f2cfdaa374ed8
SHA512

1f34b77f0d5f8fadb6c464905c228dbcaf303379daeb60d67279c7b2eb4b80b873a92b49768e09d474bd363e22b023a1da9ba9f6f4d9e34f89b142989f94e3b8
SSDEEP

6144:4D8okEvTyoZVOgd2QZiw5NLclL5orfQH:KsjCF2QZiOU+4

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  79e974dbc6672bdd5166fd0cdce372c0_NeikiAnalytics.exe
- Size
  
  237KB
- MD5
  
  79e974dbc6672bdd5166fd0cdce372c0
- SHA1
  
  b42851f07ec0d593a49355b15191339b88891460
- SHA256
  
  237348ca313f2d6fc8c8cb314a2723c39fd3c11cc02404a0972f2cfdaa374ed8
- SHA512
  
  1f34b77f0d5f8fadb6c464905c228dbcaf303379daeb60d67279c7b2eb4b80b873a92b49768e09d474bd363e22b023a1da9ba9f6f4d9e34f89b142989f94e3b8
- SSDEEP
  
  6144:4D8okEvTyoZVOgd2QZiw5NLclL5orfQH:KsjCF2QZiOU+4
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2