General
-
Target
b5b1a9775099da86e26583548515a4a0482eee574d68e44638dc6dc898d29fa8_NeikiAnalytics.exe
-
Size
43KB
-
Sample
240629-wc1qxavgqq
-
MD5
77056b14a396ea62f217a5d7d41dcac0
-
SHA1
5281b99c8af2d7579a475402eef39749448340e3
-
SHA256
b5b1a9775099da86e26583548515a4a0482eee574d68e44638dc6dc898d29fa8
-
SHA512
2b95d414fbe9966b108bbe14837b15f4f1a84b0109238af0908dc65ce51ca178880288c3b357249fac8dc9111d363bcdbfe642aea0d69340c5943dda21e5519a
-
SSDEEP
768:WAUJmQCcmLCXQq6fsKiJYsIkjJVzqsVG5kuGVAQvRWri:RUNHFKQbIkHvGkAzi
Malware Config
Targets
-
-
Target
b5b1a9775099da86e26583548515a4a0482eee574d68e44638dc6dc898d29fa8_NeikiAnalytics.exe
-
Size
43KB
-
MD5
77056b14a396ea62f217a5d7d41dcac0
-
SHA1
5281b99c8af2d7579a475402eef39749448340e3
-
SHA256
b5b1a9775099da86e26583548515a4a0482eee574d68e44638dc6dc898d29fa8
-
SHA512
2b95d414fbe9966b108bbe14837b15f4f1a84b0109238af0908dc65ce51ca178880288c3b357249fac8dc9111d363bcdbfe642aea0d69340c5943dda21e5519a
-
SSDEEP
768:WAUJmQCcmLCXQq6fsKiJYsIkjJVzqsVG5kuGVAQvRWri:RUNHFKQbIkHvGkAzi
Score10/10-
Windows security bypass
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Drops file in Drivers directory
-
Event Triggered Execution: Image File Execution Options Injection
-
Executes dropped EXE
-
Loads dropped DLL
-
Windows security modification
-
Modifies WinLogon
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Active Setup
1Winlogon Helper DLL
1Event Triggered Execution
1Image File Execution Options Injection
1