General
-
Target
1851a9a66739508628bb9788674cd330_NeikiAnalytics.exe
-
Size
66KB
-
Sample
240606-qjlmnsee8y
-
MD5
1851a9a66739508628bb9788674cd330
-
SHA1
75b0ecd04a1ca8ba4408912c85349c16fcdb0d86
-
SHA256
63f4077d2274d6d066809581312e1a19b32c1afd9f8900f50a4eca508ea2d581
-
SHA512
f28702fb077a3f7a0c01c49dcacc26f2d2dfcc1ec3abfd9e1759268a66e37ebc31c92246c3387726b445691eccbe4577fe0622554bd9274d32c643f64f987285
-
SSDEEP
1536:EHfetdklPp+07gDSrB8Xru2zGeJxgawTzpXzrDJrXiV:IeklMMYJhqezw/pXzH9iV
Malware Config
Targets
-
-
Target
1851a9a66739508628bb9788674cd330_NeikiAnalytics.exe
-
Size
66KB
-
MD5
1851a9a66739508628bb9788674cd330
-
SHA1
75b0ecd04a1ca8ba4408912c85349c16fcdb0d86
-
SHA256
63f4077d2274d6d066809581312e1a19b32c1afd9f8900f50a4eca508ea2d581
-
SHA512
f28702fb077a3f7a0c01c49dcacc26f2d2dfcc1ec3abfd9e1759268a66e37ebc31c92246c3387726b445691eccbe4577fe0622554bd9274d32c643f64f987285
-
SSDEEP
1536:EHfetdklPp+07gDSrB8Xru2zGeJxgawTzpXzrDJrXiV:IeklMMYJhqezw/pXzH9iV
Score10/10-
Modifies WinLogon for persistence
-
Modifies visiblity of hidden/system files in Explorer
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1