cad48043676b26ad3d48b93e195744694a7199d8344058268a54c9cdc1a09341 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

493f5c6079a421095b1a8921edf7b5c0_NeikiAnalytics.exe
Size

244KB
Sample

240605-jhsahaaf94
MD5

493f5c6079a421095b1a8921edf7b5c0
SHA1

8bc4f79f254f56265333bb2cf298feecf312e5ea
SHA256

cad48043676b26ad3d48b93e195744694a7199d8344058268a54c9cdc1a09341
SHA512

aa38ebea5e53c0c71d9f28726057c3cd1ef07fcee74bad1285e38f0cc25c3354879aa9f56914559b76886ecd5e540801a56275e2d4fafd81a9d5f237ad2e1d88
SSDEEP

6144:SEXlSylvFuWaS54hIAv/QhuA7HY8pPZ0FP6BzxM5EmX:3Aylvv5YRwh9HYd61xhmX

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  493f5c6079a421095b1a8921edf7b5c0_NeikiAnalytics.exe
- Size
  
  244KB
- MD5
  
  493f5c6079a421095b1a8921edf7b5c0
- SHA1
  
  8bc4f79f254f56265333bb2cf298feecf312e5ea
- SHA256
  
  cad48043676b26ad3d48b93e195744694a7199d8344058268a54c9cdc1a09341
- SHA512
  
  aa38ebea5e53c0c71d9f28726057c3cd1ef07fcee74bad1285e38f0cc25c3354879aa9f56914559b76886ecd5e540801a56275e2d4fafd81a9d5f237ad2e1d88
- SSDEEP
  
  6144:SEXlSylvFuWaS54hIAv/QhuA7HY8pPZ0FP6BzxM5EmX:3Aylvv5YRwh9HYd61xhmX
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2