30f3159c41801706f22ba129bc83694421f8327970d64476e56a36227e381642 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

30f3159c41801706f22ba129bc83694421f8327970d64476e56a36227e381642_NeikiAnalytics.exe
Size

201KB
Sample

240620-ef6yna1hpr
MD5

4a1776d381ed735d52f3d6cddc4aeef0
SHA1

e504adb15aae58db2b59a2c095c0c0d383b49c6f
SHA256

30f3159c41801706f22ba129bc83694421f8327970d64476e56a36227e381642
SHA512

a5dd783ea50adcc672c8ed7c17fe0a6b2f95f1f8649e5238207a1ac59480376713eb1fea33c68917f4597f24cc8f7de702ca8612331e669f5c3e144db4821f42
SSDEEP

6144:At++Jbojf5Vq5OC4qZhZcKYhc/ZfUozY:D+cff22qZhZcKYhc/

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  30f3159c41801706f22ba129bc83694421f8327970d64476e56a36227e381642_NeikiAnalytics.exe
- Size
  
  201KB
- MD5
  
  4a1776d381ed735d52f3d6cddc4aeef0
- SHA1
  
  e504adb15aae58db2b59a2c095c0c0d383b49c6f
- SHA256
  
  30f3159c41801706f22ba129bc83694421f8327970d64476e56a36227e381642
- SHA512
  
  a5dd783ea50adcc672c8ed7c17fe0a6b2f95f1f8649e5238207a1ac59480376713eb1fea33c68917f4597f24cc8f7de702ca8612331e669f5c3e144db4821f42
- SSDEEP
  
  6144:At++Jbojf5Vq5OC4qZhZcKYhc/ZfUozY:D+cff22qZhZcKYhc/
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2