General
-
Target
9559100eb61dc46e50ffd51978d9dce0_NeikiAnalytics.exe
-
Size
206KB
-
Sample
240614-bbh49asdkm
-
MD5
9559100eb61dc46e50ffd51978d9dce0
-
SHA1
fcf6be090da5d05f2426f230ae992c2838861139
-
SHA256
8a91cca756e95a86c9bca31ff06d42a255b27f12563a626e316ee6d9bf57c45d
-
SHA512
17e9e12234cda406d0c49b5f624283556b3bc0334368b410e407f07e98f0e789a9fdf44671584cbef699ac8a3035537026cd8cf843efdb97545216823588db78
-
SSDEEP
3072:5vEfVUzSLhIVbV6i5LirrlZrHyrUHUckoMQ2RN6unL2:5vEN2U+T6i5LirrllHy4HUcMQY6K2
Malware Config
Targets
-
-
Target
9559100eb61dc46e50ffd51978d9dce0_NeikiAnalytics.exe
-
Size
206KB
-
MD5
9559100eb61dc46e50ffd51978d9dce0
-
SHA1
fcf6be090da5d05f2426f230ae992c2838861139
-
SHA256
8a91cca756e95a86c9bca31ff06d42a255b27f12563a626e316ee6d9bf57c45d
-
SHA512
17e9e12234cda406d0c49b5f624283556b3bc0334368b410e407f07e98f0e789a9fdf44671584cbef699ac8a3035537026cd8cf843efdb97545216823588db78
-
SSDEEP
3072:5vEfVUzSLhIVbV6i5LirrlZrHyrUHUckoMQ2RN6unL2:5vEN2U+T6i5LirrllHy4HUcMQY6K2
Score10/10-
Modifies WinLogon for persistence
-
Modifies visiblity of hidden/system files in Explorer
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1