11f93456de774db569eece932aa088332c18c5fda8410d4436a894939467a7b1 | Triage

Sharing

General

Target

4af3f134148b96962869d510ce15e130_NeikiAnalytics.exe
Size

355KB
Sample

240607-lldbvsec8w
MD5

4af3f134148b96962869d510ce15e130
SHA1

46d71d52e64572cd95375486eee550edac18a48d
SHA256

11f93456de774db569eece932aa088332c18c5fda8410d4436a894939467a7b1
SHA512

59b9f94507cbe0806c9523387a71da0a55c1c45d0fce575a9139771fb59f72de4ca115ba0ae3d51d300f35b7559b68d2fafe2b9e5d4113487f617273b37ce1b4
SSDEEP

6144:BgEmWPDNND9yRPzLq+YXFqaZiMLic9kzVd7EAC4TSs9Ei:nmWhND9yJz+b1FcMLmp2ATTSsd

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  4af3f134148b96962869d510ce15e130_NeikiAnalytics.exe
- Size
  
  355KB
- MD5
  
  4af3f134148b96962869d510ce15e130
- SHA1
  
  46d71d52e64572cd95375486eee550edac18a48d
- SHA256
  
  11f93456de774db569eece932aa088332c18c5fda8410d4436a894939467a7b1
- SHA512
  
  59b9f94507cbe0806c9523387a71da0a55c1c45d0fce575a9139771fb59f72de4ca115ba0ae3d51d300f35b7559b68d2fafe2b9e5d4113487f617273b37ce1b4
- SSDEEP
  
  6144:BgEmWPDNND9yRPzLq+YXFqaZiMLic9kzVd7EAC4TSs9Ei:nmWhND9yJz+b1FcMLmp2ATTSsd
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2