General
-
Target
9bc28921c5022333a8e52ccc0d2a67a0_NeikiAnalytics.exe
-
Size
225KB
-
Sample
240603-e76f7sbe9z
-
MD5
9bc28921c5022333a8e52ccc0d2a67a0
-
SHA1
8912d6db5bdb5046336455781a4e728500bbe5eb
-
SHA256
6af574f761ae76b680b0da61cc945b33b0bf4bbcfd635814ca8393b4c3961685
-
SHA512
80287c96344e2cacd262b15fb2b5a8304bba3c603aaa7a8e0c579490f9651d92cef6a1d93b8f012ae342fc4adbf48ac071b3581cd9a474da340f35397817cbaf
-
SSDEEP
3072:8vEfVUzSLhIVbV6i5LirrlZrHyrUHUckoMQ2RN6u8vMSR6:8vEN2U+T6i5LirrllHy4HUcMQY6vMSE
Malware Config
Targets
-
-
Target
9bc28921c5022333a8e52ccc0d2a67a0_NeikiAnalytics.exe
-
Size
225KB
-
MD5
9bc28921c5022333a8e52ccc0d2a67a0
-
SHA1
8912d6db5bdb5046336455781a4e728500bbe5eb
-
SHA256
6af574f761ae76b680b0da61cc945b33b0bf4bbcfd635814ca8393b4c3961685
-
SHA512
80287c96344e2cacd262b15fb2b5a8304bba3c603aaa7a8e0c579490f9651d92cef6a1d93b8f012ae342fc4adbf48ac071b3581cd9a474da340f35397817cbaf
-
SSDEEP
3072:8vEfVUzSLhIVbV6i5LirrlZrHyrUHUckoMQ2RN6u8vMSR6:8vEN2U+T6i5LirrllHy4HUcMQY6vMSE
Score10/10-
Modifies WinLogon for persistence
-
Modifies visiblity of hidden/system files in Explorer
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1