General
Target
1ee179a5c3b4ae396e22134684e85ec0d85c284d91013330004bf6e8208f97b5_NeikiAnalytics.exe
Size
120KB
Sample
240628-1jm6lswbpl
MD5
7863636f154c40c1d46076114b424dd0
SHA1
f8b0761860292a335b8edc94189b9d68559dcc7d
SHA256
1ee179a5c3b4ae396e22134684e85ec0d85c284d91013330004bf6e8208f97b5
SHA512
5164119dacbfef4a9bee9691a3271eee0707af3239ec301fd45a889c3f93b26ee4edaba522b1a28fd493bb54b3492703ff9694df0db16e41e03c62c5145795ee
SSDEEP
1536:zA96HuYwFmRfxE5ldzmOrbazck/Jish7G+1/tvw4rQ3DTWAWxkxJV0f8T0:zROYwFX5lUOrLk/csh7zdbAWWJVbT0
Static task
static1
Behavioral task
behavioral1
Sample
1ee179a5c3b4ae396e22134684e85ec0d85c284d91013330004bf6e8208f97b5_NeikiAnalytics.dll
Resource
win7-20240611-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
Target
1ee179a5c3b4ae396e22134684e85ec0d85c284d91013330004bf6e8208f97b5_NeikiAnalytics.exe
Modifies firewall policy service
Executes dropped EXE
Loads dropped DLL
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
MITRE ATT&CK Matrix (ATT&CK v13)
Privilege Escalation
  Create or Modify System Process (1)
    Windows Service (1)
  Abuse Elevation Control Mechanism (1)
    Bypass User Account Control (1)
Defense Evasion
  Modify Registry (5)
  Impair Defenses (4)
    Disable or Modify Tools (3)
    Disable or Modify System Firewall (1)
  Abuse Elevation Control Mechanism (1)
    Bypass User Account Control (1)