General
-
Target
8eb975285bb5d1793f846c21b52bc600_NeikiAnalytics.exe
-
Size
51KB
-
Sample
240601-fv8lgabf68
-
MD5
8eb975285bb5d1793f846c21b52bc600
-
SHA1
91241047b3f2a5a4b62e2e791e733c9f7f5dccae
-
SHA256
0a6741724eec4df87b9ecbc6db64b5be01e4840798e755bf360fc00bf8dc2ba9
-
SHA512
42c947864828825b6d02aa8a39c3e29ab9f3a0bc6abb7ccde8b9b7fb12e6a3e70d991543bae9453b1f6d69bc314016bcdd554c692fc4403b01bf88d51240ae22
-
SSDEEP
768:nNAGAkIo/juokwoL7627d9rIiClJAxiFkJT22euOiya6lHOYxY0x0KS3i:nNJb/HkwoLe29UjQ4wqQOLIMVnS3i
Malware Config
Targets
-
-
Target
8eb975285bb5d1793f846c21b52bc600_NeikiAnalytics.exe
-
Size
51KB
-
MD5
8eb975285bb5d1793f846c21b52bc600
-
SHA1
91241047b3f2a5a4b62e2e791e733c9f7f5dccae
-
SHA256
0a6741724eec4df87b9ecbc6db64b5be01e4840798e755bf360fc00bf8dc2ba9
-
SHA512
42c947864828825b6d02aa8a39c3e29ab9f3a0bc6abb7ccde8b9b7fb12e6a3e70d991543bae9453b1f6d69bc314016bcdd554c692fc4403b01bf88d51240ae22
-
SSDEEP
768:nNAGAkIo/juokwoL7627d9rIiClJAxiFkJT22euOiya6lHOYxY0x0KS3i:nNJb/HkwoLe29UjQ4wqQOLIMVnS3i
Score10/10-
Modifies WinLogon for persistence
-
Modifies visiblity of hidden/system files in Explorer
-
Drops file in Drivers directory
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1