General
Target: 131369f3a7e80b3a00560cd3570416e0_NeikiAnalytics.exe
Size: 206KB
Sample: 240604-2v13aaec3s
MD5: 131369f3a7e80b3a00560cd3570416e0
SHA1: 48baaa94fbf7723ca3074472013571da33bbe8d9
SHA256: f420a0469fbb130f5eb87d02e71f10f462f04f2981f041f466171154c0594167
SHA512: 3b24f4e20c9f13f165108a3704dee0ebbfdf35ed06fd25d5d6b5b5dfedfcf84b4f011f8a82df18808404311aa0017e8a7a366e3b1734b1251d15b6494a261d3f
SSDEEP: 3072:5vEfVUzSLhIVbV6i5LirrlZrHyrUHUckoMQ2RN6unLf:5vEN2U+T6i5LirrllHy4HUcMQY6Kf
Static task: static1
Behavioral task: behavioral1
Sample: 131369f3a7e80b3a00560cd3570416e0_NeikiAnalytics.exe
Resource: win7-20240419-en
Behavioral task: behavioral2
Sample: 131369f3a7e80b3a00560cd3570416e0_NeikiAnalytics.exe
Resource: win10v2004-20240426-en
Malware Config
Targets
Target: 131369f3a7e80b3a00560cd3570416e0_NeikiAnalytics.exe
Score: 10/10
Modifies WinLogon for persistence
Modifies visibility of hidden/system files in Explorer
Modifies Installed Components in the registry
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (3)
  Registry Run Keys / Startup Folder (2)
  Winlogon Helper DLL (1)
Privilege Escalation
  Boot or Logon Autostart Execution (3)
  Registry Run Keys / Startup Folder (2)
  Winlogon Helper DLL (1)