296c9ac5fe81607ec55dff53872923abcf1cbe6f743ece2c14eeca4184145ee3 | Triage

Sharing

General

Target

c786f40e01452c4b5df1d132c992dfd0_NeikiAnalytics.exe
Size

355KB
Sample

240616-a59cvssbqf
MD5

c786f40e01452c4b5df1d132c992dfd0
SHA1

1979b4496ba89579fc6da6d4396c0616ffc3cf42
SHA256

296c9ac5fe81607ec55dff53872923abcf1cbe6f743ece2c14eeca4184145ee3
SHA512

6c05bf8b4edeaff97fc778294c1d34f9b72e5864948b286ba66f15dfc489fe2c56f12ed003707f065c3f3b41221a6b74d2ce93a120ce040e681003c49cc6982b
SSDEEP

6144:0gEmWPDNND9yRPzLq+YXFqaZiMLic9kzVd7EAC4TSs9Ei:WmWhND9yJz+b1FcMLmp2ATTSsd

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  c786f40e01452c4b5df1d132c992dfd0_NeikiAnalytics.exe
- Size
  
  355KB
- MD5
  
  c786f40e01452c4b5df1d132c992dfd0
- SHA1
  
  1979b4496ba89579fc6da6d4396c0616ffc3cf42
- SHA256
  
  296c9ac5fe81607ec55dff53872923abcf1cbe6f743ece2c14eeca4184145ee3
- SHA512
  
  6c05bf8b4edeaff97fc778294c1d34f9b72e5864948b286ba66f15dfc489fe2c56f12ed003707f065c3f3b41221a6b74d2ce93a120ce040e681003c49cc6982b
- SSDEEP
  
  6144:0gEmWPDNND9yRPzLq+YXFqaZiMLic9kzVd7EAC4TSs9Ei:WmWhND9yJz+b1FcMLmp2ATTSsd
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2