General
Target: 54e83bced1c776924598ee1ebcdeb910_NeikiAnalytics.exe
Size: 272KB
Sample: 240604-kz4kjabe6y
MD5: 54e83bced1c776924598ee1ebcdeb910
SHA1: b52e335e83201f6b24447cbde9c1ca0512e31d79
SHA256: c7ee9318cfbf6980a9f2e4375513a6fd1309bfe32907eba53a8e7e5916ce905d
SHA512: 5f0aa06982d95c224f5cef468188748c0ac8b7ada00571a6af6d8b5308997148134fe6530fc2fadaf7d375bc3b63fb4049927c7cd72cec96208e8e742384cb81
SSDEEP: 3072:Ax/5F/E7tEf0g+p+tYlpJH7iXQNgggHlxDZiYLK5Wpht4xZVX4/awxfX:AxhF4ch+wWJH7igNgjdFKsCRARX
Static task: static1
Behavioral task: behavioral1
Sample: 54e83bced1c776924598ee1ebcdeb910_NeikiAnalytics.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 54e83bced1c776924598ee1ebcdeb910_NeikiAnalytics.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: 54e83bced1c776924598ee1ebcdeb910_NeikiAnalytics.exe
Score: 10/10
Modifies WinLogon for persistence
Modifies visibility of file extensions in Explorer
Modifies visibility of hidden/system files in Explorer
Disables RegEdit via registry modification
Disables use of System Restore points
Executes dropped EXE
Loads dropped DLL
Modifies system executable filetype association
Adds Run key to start application
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (2)
Registry Run Keys / Startup Folder (1)
Winlogon Helper DLL (1)
Event Triggered Execution (1)
Change Default File Association (1)
Privilege Escalation
Boot or Logon Autostart Execution (2)
Registry Run Keys / Startup Folder (1)
Winlogon Helper DLL (1)
Event Triggered Execution (1)
Change Default File Association (1)