514117fd550f4d4da94d4f78eb1109a59fe7ee956ffc75a3a1a42e81d7e04274 | Triage

Sharing

General

Target

514117fd550f4d4da94d4f78eb1109a59fe7ee956ffc75a3a1a42e81d7e04274_NeikiAnalytics.exe
Size

218KB
Sample

240620-lms4psvcqr
MD5

7f85b1e0a0c19b3f052ece60b37e9d30
SHA1

d1aff094d38f8fdb3aa195eebe1553e75ef1bb02
SHA256

514117fd550f4d4da94d4f78eb1109a59fe7ee956ffc75a3a1a42e81d7e04274
SHA512

e2bc8544d4bcf4e935177fe1e12d0568cc44e1509497039ffbdd93203b5f940a37eca29bffe6bf183725d5cdfbeac1dee35dd4099f008e44f5fe3e3f8aed6053
SSDEEP

3072:tvm4SZsQrNzPrl6rjGMjp39d4u8iqddCxMIJOb2o5DsBPjim6hwM2H6:h1SyAJp6rjn1gOObn4b6h9h

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  514117fd550f4d4da94d4f78eb1109a59fe7ee956ffc75a3a1a42e81d7e04274_NeikiAnalytics.exe
- Size
  
  218KB
- MD5
  
  7f85b1e0a0c19b3f052ece60b37e9d30
- SHA1
  
  d1aff094d38f8fdb3aa195eebe1553e75ef1bb02
- SHA256
  
  514117fd550f4d4da94d4f78eb1109a59fe7ee956ffc75a3a1a42e81d7e04274
- SHA512
  
  e2bc8544d4bcf4e935177fe1e12d0568cc44e1509497039ffbdd93203b5f940a37eca29bffe6bf183725d5cdfbeac1dee35dd4099f008e44f5fe3e3f8aed6053
- SSDEEP
  
  3072:tvm4SZsQrNzPrl6rjGMjp39d4u8iqddCxMIJOb2o5DsBPjim6hwM2H6:h1SyAJp6rjn1gOObn4b6h9h
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2