General
-
Target
93907c0b457c82f18d57259f990bb98ccb599dd6098e5395d810748ce19fc438_NeikiAnalytics.exe
-
Size
120KB
-
Sample
240628-mnvjlavdlf
-
MD5
c4938f9d4276f20eb78bd4e63fa05aa0
-
SHA1
2d66a02c878805bc44064d2a8bb56869f497825e
-
SHA256
93907c0b457c82f18d57259f990bb98ccb599dd6098e5395d810748ce19fc438
-
SHA512
30a254de0e53ef040bd2f05a9d1eaa767539e3f798300c41a51949043774b02a1768cb7c07a31327775f3ec14e8c4afe35d7dafcebacf3e5d17a9c5967ad2cc2
-
SSDEEP
3072:+M+bClJjbBPjFnJCDNa+j+zt25hs5fXz+Ec1:sb4ppANa+jqta25f6d
Static task
static1
Behavioral task
behavioral1
Sample
93907c0b457c82f18d57259f990bb98ccb599dd6098e5395d810748ce19fc438_NeikiAnalytics.dll
Resource
win7-20240611-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
Target
93907c0b457c82f18d57259f990bb98ccb599dd6098e5395d810748ce19fc438_NeikiAnalytics.exe
-
Modifies firewall policy service
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Matrix (ATT&CK v13)
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Defense Evasion
Modify Registry: 5
Impair Defenses: 4
Disable or Modify Tools: 3
Disable or Modify System Firewall: 1
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1