a9b000bd7563ebd925be6924d7363be84c882b3eade51420baa154156837c04c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a9b000bd7563ebd925be6924d7363be84c882b3eade51420baa154156837c04c_NeikiAnalytics.exe
Size

244KB
Sample

240629-nlxfvazckj
MD5

fe90ef9fce7af5c7bc645f8da4ee2700
SHA1

88b624382b605c456f4f9cba3489c5a11a68d175
SHA256

a9b000bd7563ebd925be6924d7363be84c882b3eade51420baa154156837c04c
SHA512

29eb668ca25b4283c7f1148f81478d1622b51d95e60f272dde8653c3462818c26339bd33075887e402c89630c8670b4bb86c6fe3aa1b09273eb49c47e4692137
SSDEEP

6144:jEXlSylvFuWaS54hIAv/QhuA7HY8pPZ0FP6BzxM5EmX:kAylvv5YRwh9HYd61xhmX

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  a9b000bd7563ebd925be6924d7363be84c882b3eade51420baa154156837c04c_NeikiAnalytics.exe
- Size
  
  244KB
- MD5
  
  fe90ef9fce7af5c7bc645f8da4ee2700
- SHA1
  
  88b624382b605c456f4f9cba3489c5a11a68d175
- SHA256
  
  a9b000bd7563ebd925be6924d7363be84c882b3eade51420baa154156837c04c
- SHA512
  
  29eb668ca25b4283c7f1148f81478d1622b51d95e60f272dde8653c3462818c26339bd33075887e402c89630c8670b4bb86c6fe3aa1b09273eb49c47e4692137
- SSDEEP
  
  6144:jEXlSylvFuWaS54hIAv/QhuA7HY8pPZ0FP6BzxM5EmX:kAylvv5YRwh9HYd61xhmX
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2