General
-
Target
06595175c4d3b8f98efbb04ac6cdef76128eebbe38c8c7d642570a2aa036df49_NeikiAnalytics.exe
-
Size
206KB
-
Sample
240629-2b1x6s1fkl
-
MD5
1c53e6150832ac5a2d825b8a5f8fb060
-
SHA1
ac8ba3cccd30ff841ef6b28d5a378d9cdf44b1d4
-
SHA256
06595175c4d3b8f98efbb04ac6cdef76128eebbe38c8c7d642570a2aa036df49
-
SHA512
e3e6f5ef42704ae1f5cc6972af7c0f3ae42ac9091aad1ab19bf631b7066e9f5c7a62d4e657c3a0038f132c2502cfa73ec82837a65e2d07659a1da71d267d6143
-
SSDEEP
3072:zvEfVUzSLhIVbV6i5LirrlZrHyrUHUckoMQ2RN6unZ:zvEN2U+T6i5LirrllHy4HUcMQY6m
Static task
static1
Behavioral task
behavioral1
Sample
06595175c4d3b8f98efbb04ac6cdef76128eebbe38c8c7d642570a2aa036df49_NeikiAnalytics.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
06595175c4d3b8f98efbb04ac6cdef76128eebbe38c8c7d642570a2aa036df49_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
Target
06595175c4d3b8f98efbb04ac6cdef76128eebbe38c8c7d642570a2aa036df49_NeikiAnalytics.exe
-
Score
10/10
-
Modifies WinLogon for persistence
-
Modifies visibility of hidden/system files in Explorer
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 3
Active Setup: 1
Registry Run Keys / Startup Folder: 1
Winlogon Helper DLL: 1
Privilege Escalation
Boot or Logon Autostart Execution: 3
Active Setup: 1
Registry Run Keys / Startup Folder: 1
Winlogon Helper DLL: 1