General
-
Target
7f6891372b0609e2815b3611e44414b0_NeikiAnalytics.exe
-
Size
65KB
-
Sample
240617-mxq8ja1flm
-
MD5
7f6891372b0609e2815b3611e44414b0
-
SHA1
5e4e00c9086cda988cd028ee492a0de0a55af19b
-
SHA256
8db80ffbcce1d68b63829d370cd74c3534009038bd2b957753a6cab2618180a5
-
SHA512
79ba917df11e679a7ef454ad6c7d70d42889c4ef808b958f804675cb4d2033d28d7dfebf7f9e9eff394932dd71b332b7f253754091af31466baf65ca5104cd10
-
SSDEEP
1536:ECq3yRuqrI01eArdW/O7JnI2e13XiLij40MkTUVqa/Ouu:7WNqkOJWmo1HpM0MkTUmuu
Malware Config
Targets
-
-
Target
7f6891372b0609e2815b3611e44414b0_NeikiAnalytics.exe
-
Size
65KB
-
MD5
7f6891372b0609e2815b3611e44414b0
-
SHA1
5e4e00c9086cda988cd028ee492a0de0a55af19b
-
SHA256
8db80ffbcce1d68b63829d370cd74c3534009038bd2b957753a6cab2618180a5
-
SHA512
79ba917df11e679a7ef454ad6c7d70d42889c4ef808b958f804675cb4d2033d28d7dfebf7f9e9eff394932dd71b332b7f253754091af31466baf65ca5104cd10
-
SSDEEP
1536:ECq3yRuqrI01eArdW/O7JnI2e13XiLij40MkTUVqa/Ouu:7WNqkOJWmo1HpM0MkTUmuu
Score10/10-
Modifies WinLogon for persistence
-
Modifies visiblity of hidden/system files in Explorer
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1