General
-
Target
37cafec88ef43c1466e375348a25ca40_NeikiAnalytics.exe
-
Size
200KB
-
Sample
240612-nxgvjatclf
-
MD5
37cafec88ef43c1466e375348a25ca40
-
SHA1
3bc12b95e3c5f2ed1dbc20b09cbc79c4badb4958
-
SHA256
a8faf39a76ff711323dbce85117f3d33e4cfacf6975867cc232762345fc6ffe7
-
SHA512
f2193e8773e85134746c6f60eb02a3a1cccd93938488fd3c65056094e39bec1c85b4361e5557735e4babf011a2a72e3779f43b22c215c9be7c580699521e4792
-
SSDEEP
3072:7vEfVUzSLhIVbV6i5LirrlZrHyrUHUckoMQ2RN6uBL9i6:7vEN2U+T6i5LirrllHy4HUcMQY6C9i6
Malware Config
Targets
-
-
Target
37cafec88ef43c1466e375348a25ca40_NeikiAnalytics.exe
-
Size
200KB
-
MD5
37cafec88ef43c1466e375348a25ca40
-
SHA1
3bc12b95e3c5f2ed1dbc20b09cbc79c4badb4958
-
SHA256
a8faf39a76ff711323dbce85117f3d33e4cfacf6975867cc232762345fc6ffe7
-
SHA512
f2193e8773e85134746c6f60eb02a3a1cccd93938488fd3c65056094e39bec1c85b4361e5557735e4babf011a2a72e3779f43b22c215c9be7c580699521e4792
-
SSDEEP
3072:7vEfVUzSLhIVbV6i5LirrlZrHyrUHUckoMQ2RN6uBL9i6:7vEN2U+T6i5LirrllHy4HUcMQY6C9i6
Score10/10-
Modifies WinLogon for persistence
-
Modifies visiblity of hidden/system files in Explorer
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1