General
-
Target
55e5bdfbb7093d2d68153510ffd9fd60_NeikiAnalytics.exe
-
Size
206KB
-
Sample
240605-qd62esha75
-
MD5
55e5bdfbb7093d2d68153510ffd9fd60
-
SHA1
71a7e9c335c5ff3b9af1b0d5345e9034799dc011
-
SHA256
5d74d4d8546c908182efedde18dfa21297b9e2052cc15342df3b1fc3d8c82ab1
-
SHA512
cda9582cfc3de2abbfb456c7ff2b7e9478ed424cbcf5869b97a3215f917ff8c25ea7b1d039900b863a4c3879041bd51236f43c9eb36375ed4b1518996e86a6cf
-
SSDEEP
3072:5vEfVUzSLhIVbV6i5LirrlZrHyrUHUckoMQ2RN6unLm:5vEN2U+T6i5LirrllHy4HUcMQY6Km
Static task
static1
Behavioral task
behavioral1
Sample
55e5bdfbb7093d2d68153510ffd9fd60_NeikiAnalytics.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
55e5bdfbb7093d2d68153510ffd9fd60_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
Target
55e5bdfbb7093d2d68153510ffd9fd60_NeikiAnalytics.exe
Score
10/10
-
Modifies WinLogon for persistence
-
Modifies visibility of hidden/system files in Explorer
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 3
Registry Run Keys / Startup Folder: 2
Winlogon Helper DLL: 1
Privilege Escalation
Boot or Logon Autostart Execution: 3
Registry Run Keys / Startup Folder: 2
Winlogon Helper DLL: 1