0f8c1fde7835deb96a07cb49c5e9c4e6678376663988fcade656b69cb9ad8fe6 | Triage

Sharing

General

Target

80e1270ec98ef88546108876dc62e490_NeikiAnalytics.exe
Size

73KB
Sample

240613-qzhkys1drf
MD5

80e1270ec98ef88546108876dc62e490
SHA1

405faa42a8f1aa30f725fa1085cbf37047aee980
SHA256

0f8c1fde7835deb96a07cb49c5e9c4e6678376663988fcade656b69cb9ad8fe6
SHA512

4ec8d110ee2df2f77f9c04a7eac9f9372f5a2ebddec4a61e1ac2902774911923839a7bf60a52d261a647477f069cc7e2e2e3c14208a52893dc567be33a0bdcbb
SSDEEP

1536:x3jgs+6phKAQx5c895P5Zxuyowea2eJYIuv1iahWuSxaqMXSmH:BTdphKRxR95P5Zhowea2yuv/hWuSxa9l

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  80e1270ec98ef88546108876dc62e490_NeikiAnalytics.exe
- Size
  
  73KB
- MD5
  
  80e1270ec98ef88546108876dc62e490
- SHA1
  
  405faa42a8f1aa30f725fa1085cbf37047aee980
- SHA256
  
  0f8c1fde7835deb96a07cb49c5e9c4e6678376663988fcade656b69cb9ad8fe6
- SHA512
  
  4ec8d110ee2df2f77f9c04a7eac9f9372f5a2ebddec4a61e1ac2902774911923839a7bf60a52d261a647477f069cc7e2e2e3c14208a52893dc567be33a0bdcbb
- SSDEEP
  
  1536:x3jgs+6phKAQx5c895P5Zxuyowea2eJYIuv1iahWuSxaqMXSmH:BTdphKRxR95P5Zhowea2yuv/hWuSxa9l
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Modifies Installed Components in the registry
  persistence
- Sets file execution options in registry
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Modifies WinLogon
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan