General
-
Target
1f4524f08b8f68c4109884c6504de8bc1bec4b469c2ed308a13eb26c94737e56_NeikiAnalytics.exe
-
Size
120KB
-
Sample
240628-1kfg6asgnf
-
MD5
3ed77d210308adfd4d0e8ee36e3c6ff0
-
SHA1
f9cda03ae1a31b9047681906a834e7ec86c38b8f
-
SHA256
1f4524f08b8f68c4109884c6504de8bc1bec4b469c2ed308a13eb26c94737e56
-
SHA512
62e9ea56825c8ee0604295f2f6aa08898231a25f546c1f613ece68244b6d464364b9e2df795ecf030e370f8475bbf5bc4fc5dd7705e773ffeddc4f1549a2a973
-
SSDEEP
3072:2d7ZpilO/Ou3WuBTMlNQcQQx1oqQu1yPiq0:8l4lgWmTMlNQczi01Wh
Static task
static1
Behavioral task
behavioral1
Sample
1f4524f08b8f68c4109884c6504de8bc1bec4b469c2ed308a13eb26c94737e56_NeikiAnalytics.dll
Resource
win7-20240611-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
Target
1f4524f08b8f68c4109884c6504de8bc1bec4b469c2ed308a13eb26c94737e56_NeikiAnalytics.exe
-
Modifies firewall policy service
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Matrix (ATT&CK v13)
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Defense Evasion
Modify Registry: 5
Impair Defenses: 4
Disable or Modify Tools: 3
Disable or Modify System Firewall: 1
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1