General
-
Target
4661c2e995c3f467646c36f3e0849cc142dd05fad8be0439791ee116ff557566_NeikiAnalytics.exe
-
Size
22KB
-
Sample
240628-acyqnazdqb
-
MD5
6ab7f1c6293d10a744189d17c1eeadb0
-
SHA1
d5d5e45112f86fb7f0984463fa7b341d6935c7aa
-
SHA256
4661c2e995c3f467646c36f3e0849cc142dd05fad8be0439791ee116ff557566
-
SHA512
07ef00377feaea5133f6c4872a8767b090ca8308c258a0cfd1516a19213c40f389b04da1a8b9f5c447e00d03773b0febabe9aa2c131887d8de59d79a83571891
-
SSDEEP
384:UBWoC5GDr6wc/w3HgM6vDUTAXBGCVf4WVlFvX+faRtO/UJ:rRkiLw3HsDSARGG/u45J
Malware Config
Targets
-
-
Target
4661c2e995c3f467646c36f3e0849cc142dd05fad8be0439791ee116ff557566_NeikiAnalytics.exe
-
Size
22KB
-
MD5
6ab7f1c6293d10a744189d17c1eeadb0
-
SHA1
d5d5e45112f86fb7f0984463fa7b341d6935c7aa
-
SHA256
4661c2e995c3f467646c36f3e0849cc142dd05fad8be0439791ee116ff557566
-
SHA512
07ef00377feaea5133f6c4872a8767b090ca8308c258a0cfd1516a19213c40f389b04da1a8b9f5c447e00d03773b0febabe9aa2c131887d8de59d79a83571891
-
SSDEEP
384:UBWoC5GDr6wc/w3HgM6vDUTAXBGCVf4WVlFvX+faRtO/UJ:rRkiLw3HsDSARGG/u45J
Score10/10-
Windows security bypass
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Drops file in Drivers directory
-
Event Triggered Execution: Image File Execution Options Injection
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Windows security modification
-
Modifies WinLogon
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Active Setup
1Winlogon Helper DLL
1Event Triggered Execution
1Image File Execution Options Injection
1