5997340d387df4e1a6e276e5132bf193a31e736bbb3e0a4a44f0546c148ef1ad | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0bad0e993d61eb191bca91b12995fe70_NeikiAnalytics.exe
Size

349KB
Sample

240616-z8z12asfkp
MD5

0bad0e993d61eb191bca91b12995fe70
SHA1

10b57818169332689ba90c73ed544dab34e3a9fa
SHA256

5997340d387df4e1a6e276e5132bf193a31e736bbb3e0a4a44f0546c148ef1ad
SHA512

9236bf693b74528abc6bebfe424e29b0df66bf3dcc818b14eff6074fe81e28a4245282b1c038a48d190d27506496fa6cb730206d536e1b0a22cedbddce245ca1
SSDEEP

6144:DVTQSSiexKAK4y6UvcZSeNH49qQQOH+ym4LLIoTqHSMaxzL:VSiOK4yjNQOGzoTCSMG

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  0bad0e993d61eb191bca91b12995fe70_NeikiAnalytics.exe
- Size
  
  349KB
- MD5
  
  0bad0e993d61eb191bca91b12995fe70
- SHA1
  
  10b57818169332689ba90c73ed544dab34e3a9fa
- SHA256
  
  5997340d387df4e1a6e276e5132bf193a31e736bbb3e0a4a44f0546c148ef1ad
- SHA512
  
  9236bf693b74528abc6bebfe424e29b0df66bf3dcc818b14eff6074fe81e28a4245282b1c038a48d190d27506496fa6cb730206d536e1b0a22cedbddce245ca1
- SSDEEP
  
  6144:DVTQSSiexKAK4y6UvcZSeNH49qQQOH+ym4LLIoTqHSMaxzL:VSiOK4yjNQOGzoTCSMG
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2