f576d416f92a82a951920c29db08e08b0e3b1dc5abe63256f41016f746ce4979 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a1e994a39b396eeb3faca825f2ea38b0_NeikiAnalytics.exe
Size

80KB
Sample

240603-nnlr5aec44
MD5

a1e994a39b396eeb3faca825f2ea38b0
SHA1

f75f7e3de14c2ee28c13cfc75dd3e38916da76f8
SHA256

f576d416f92a82a951920c29db08e08b0e3b1dc5abe63256f41016f746ce4979
SHA512

4289701b9e524634ebfa5aa972dd097928076dcefb74493b63170941909008e34fd4960cf80fba22cd76e1d4c9b54ef714166b5b54a0649c81af49bea1a55e0c
SSDEEP

1536:BBn+F+/pvyvJKe5zzN1Kt1RkSs1UfycBjAYn1fpgh:BB+U/pvyvJjtKeXea610

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  a1e994a39b396eeb3faca825f2ea38b0_NeikiAnalytics.exe
- Size
  
  80KB
- MD5
  
  a1e994a39b396eeb3faca825f2ea38b0
- SHA1
  
  f75f7e3de14c2ee28c13cfc75dd3e38916da76f8
- SHA256
  
  f576d416f92a82a951920c29db08e08b0e3b1dc5abe63256f41016f746ce4979
- SHA512
  
  4289701b9e524634ebfa5aa972dd097928076dcefb74493b63170941909008e34fd4960cf80fba22cd76e1d4c9b54ef714166b5b54a0649c81af49bea1a55e0c
- SSDEEP
  
  1536:BBn+F+/pvyvJKe5zzN1Kt1RkSs1UfycBjAYn1fpgh:BB+U/pvyvJjtKeXea610
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Modifies WinLogon
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2