General
-
Target
663aff420066f660104e1c5981b8b970_NeikiAnalytics.exe
-
Size
65KB
-
Sample
240613-hdchtaxfpg
-
MD5
663aff420066f660104e1c5981b8b970
-
SHA1
4e62c216d4c375c28d6cb7727179df2adad1a9a5
-
SHA256
138e7770a2ed04e277b683d74089cee64a5795047dbad79ec0deffec66f77560
-
SHA512
940b5fbc15d8e798fe922399092f5850b74db935859afbfd98a39d74d08f5db68fe40067df87b58c70e5eeb0557a674a0dd7b227afa2d2988b502c9192026754
-
SSDEEP
1536:ECq3yRuqrI01eArdW/O7JnI2e13XiLij40MkTUVqa/Oud:7WNqkOJWmo1HpM0MkTUmud
Malware Config
Targets
-
-
Target
663aff420066f660104e1c5981b8b970_NeikiAnalytics.exe
-
Size
65KB
-
MD5
663aff420066f660104e1c5981b8b970
-
SHA1
4e62c216d4c375c28d6cb7727179df2adad1a9a5
-
SHA256
138e7770a2ed04e277b683d74089cee64a5795047dbad79ec0deffec66f77560
-
SHA512
940b5fbc15d8e798fe922399092f5850b74db935859afbfd98a39d74d08f5db68fe40067df87b58c70e5eeb0557a674a0dd7b227afa2d2988b502c9192026754
-
SSDEEP
1536:ECq3yRuqrI01eArdW/O7JnI2e13XiLij40MkTUVqa/Oud:7WNqkOJWmo1HpM0MkTUmud
Score10/10-
Modifies WinLogon for persistence
-
Modifies visiblity of hidden/system files in Explorer
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1