General
-
Target
0f3904b52ff24800975b5ddea8ecd200_NeikiAnalytics.exe
-
Size
65KB
-
Sample
240606-nxfx8sdf8v
-
MD5
0f3904b52ff24800975b5ddea8ecd200
-
SHA1
54620573d395f664f748aa1ec00e9914d0af5ca3
-
SHA256
fe81b64b2e4bb74f0c344bf3af29d8e2547ce9f01da369049d4dbda0fa71a451
-
SHA512
1d9d306df50113ebf552c9175423f330fb55b56c8234e7b16441bdd1b1010431a9a4c90af12a93b26b8b06c3edecda952334a33bc0d24fcc6b9521eebec0d665
-
SSDEEP
1536:ECq3yRuqrI01eArdW/O7JnI2e13XiLij40MkTUVqa/Ouu:7WNqkOJWmo1HpM0MkTUmuu
Malware Config
Targets
-
-
Target
0f3904b52ff24800975b5ddea8ecd200_NeikiAnalytics.exe
-
Size
65KB
-
MD5
0f3904b52ff24800975b5ddea8ecd200
-
SHA1
54620573d395f664f748aa1ec00e9914d0af5ca3
-
SHA256
fe81b64b2e4bb74f0c344bf3af29d8e2547ce9f01da369049d4dbda0fa71a451
-
SHA512
1d9d306df50113ebf552c9175423f330fb55b56c8234e7b16441bdd1b1010431a9a4c90af12a93b26b8b06c3edecda952334a33bc0d24fcc6b9521eebec0d665
-
SSDEEP
1536:ECq3yRuqrI01eArdW/O7JnI2e13XiLij40MkTUVqa/Ouu:7WNqkOJWmo1HpM0MkTUmuu
Score10/10-
Modifies WinLogon for persistence
-
Modifies visiblity of hidden/system files in Explorer
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1