09984a9894b9c91c3c653c00965068ca83b9b829d1be9a9b01709153d98fbb31 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

09984a9894b9c91c3c653c00965068ca83b9b829d1be9a9b01709153d98fbb31_NeikiAnalytics.exe
Size

212KB
Sample

240628-v86rcsxfkb
MD5

359311e7de6d207e71d2231bc5ee5aa0
SHA1

ebbc05f1f432cb8e1e343bf12c67c0e4fa0df2e7
SHA256

09984a9894b9c91c3c653c00965068ca83b9b829d1be9a9b01709153d98fbb31
SHA512

4a122ec8339e731bdae3473bbf5fd16f64c8c097e2ae885d6c49706d2a1bb4baf653611970f44e59bc4a657a025c0ece059195ee595625b6b4d05a12ce901177
SSDEEP

3072:fGwPsm1VrwxOsf0juzv8j4P1Hr6krr4IEhx9QZe2gO9mG9UHA30Vt3E/vDjb:fG/iVkO20SFgBhxtW9mG9+Umt3Ezjb

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  09984a9894b9c91c3c653c00965068ca83b9b829d1be9a9b01709153d98fbb31_NeikiAnalytics.exe
- Size
  
  212KB
- MD5
  
  359311e7de6d207e71d2231bc5ee5aa0
- SHA1
  
  ebbc05f1f432cb8e1e343bf12c67c0e4fa0df2e7
- SHA256
  
  09984a9894b9c91c3c653c00965068ca83b9b829d1be9a9b01709153d98fbb31
- SHA512
  
  4a122ec8339e731bdae3473bbf5fd16f64c8c097e2ae885d6c49706d2a1bb4baf653611970f44e59bc4a657a025c0ece059195ee595625b6b4d05a12ce901177
- SSDEEP
  
  3072:fGwPsm1VrwxOsf0juzv8j4P1Hr6krr4IEhx9QZe2gO9mG9UHA30Vt3E/vDjb:fG/iVkO20SFgBhxtW9mG9+Umt3Ezjb
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2