General
Target: 35833fd954a1f2c69c8c2e65706f61ce81be3c31c0b292b772d82e982d47a1e8_NeikiAnalytics.exe
Size: 206KB
Sample: 240701-e5jjnazbrl
MD5: 1319493968a0db54c5d716f913b14060
SHA1: b2ade583a1c27b734448ca18ff1891041e34e1dc
SHA256: 35833fd954a1f2c69c8c2e65706f61ce81be3c31c0b292b772d82e982d47a1e8
SHA512: c9b12ab6a20e8e29b6fb51ead2ff739f238b412a4799b7671edf8f1520c2c0f21c36b47551bf6df8bca4810b3a47f7175c1f5edbd6808a9062c754e42e3f2ef2
SSDEEP: 3072:KvEfVUzSLhIVbV6i5LirrlZrHyrUHUckoMQ2RN6unv:KvEN2U+T6i5LirrllHy4HUcMQY6E
Static task: static1
Behavioral task: behavioral1
Sample: 35833fd954a1f2c69c8c2e65706f61ce81be3c31c0b292b772d82e982d47a1e8_NeikiAnalytics.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 35833fd954a1f2c69c8c2e65706f61ce81be3c31c0b292b772d82e982d47a1e8_NeikiAnalytics.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: 35833fd954a1f2c69c8c2e65706f61ce81be3c31c0b292b772d82e982d47a1e8_NeikiAnalytics.exe
Score: 10/10
Modifies WinLogon for persistence
Modifies visibility of hidden/system files in Explorer
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
Boot or Logon Autostart Execution (3)
Registry Run Keys / Startup Folder (1)
Winlogon Helper DLL (1)
Active Setup (1)
Privilege Escalation
Boot or Logon Autostart Execution (3)
Registry Run Keys / Startup Folder (1)
Winlogon Helper DLL (1)
Active Setup (1)