ab8c00477a8a142a9cfd9e08ec179b15c12905eb1f2934aa6923dd55a35755ab | Triage

Sharing

General

Target

ab8c00477a8a142a9cfd9e08ec179b15c12905eb1f2934aa6923dd55a35755ab_NeikiAnalytics.exe
Size

150KB
Sample

240629-pp5gasxemg
MD5

a218db59526521a9e2e6f5ff3de7a3f0
SHA1

572075ecad019a5d89f2808996c5f8a17cc60f45
SHA256

ab8c00477a8a142a9cfd9e08ec179b15c12905eb1f2934aa6923dd55a35755ab
SHA512

e0c3e977b4e6d52b58c7115b9b7d76519ee621abd71849777615a640f3fe2c8156a1183b2622153cf187a2ed895883e9d1b5f2561c02260c80deadf5ebaeaf3e
SSDEEP

3072:HuuczBGY3j4nLXhfRf70MCRRb85TFcMo7xQGHMOfAVTzXW:HlcEY3iLXXgvRG5TFZoFQaMrHX

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  ab8c00477a8a142a9cfd9e08ec179b15c12905eb1f2934aa6923dd55a35755ab_NeikiAnalytics.exe
- Size
  
  150KB
- MD5
  
  a218db59526521a9e2e6f5ff3de7a3f0
- SHA1
  
  572075ecad019a5d89f2808996c5f8a17cc60f45
- SHA256
  
  ab8c00477a8a142a9cfd9e08ec179b15c12905eb1f2934aa6923dd55a35755ab
- SHA512
  
  e0c3e977b4e6d52b58c7115b9b7d76519ee621abd71849777615a640f3fe2c8156a1183b2622153cf187a2ed895883e9d1b5f2561c02260c80deadf5ebaeaf3e
- SSDEEP
  
  3072:HuuczBGY3j4nLXhfRf70MCRRb85TFcMo7xQGHMOfAVTzXW:HlcEY3iLXXgvRG5TFZoFQaMrHX
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2