General
Target
a052085a277fbddad21c28ad7185ae787f9dea6bb3d8fd0954ffe6153f600274_NeikiAnalytics.exe
Size
394KB
Sample
240628-tqrztawemf
MD5
90c73426f911b0a4f5d8ff39cd752020
SHA1
e1b71fdfdb6b662b18953cedc0eda9c49a9b4b05
SHA256
a052085a277fbddad21c28ad7185ae787f9dea6bb3d8fd0954ffe6153f600274
SHA512
83b8c5ce9afbb3fc235cc2fccfd428497ed5850f5bb407dd899951130fe6293f3975a865dd7467546bb6acf2ae8f1198879d0bc5cc20d4a92a2273b2c3a5463b
SSDEEP
6144:lydhEKXcsgMZNdcx+w/blIBDBjfOEd+TKDaZb07dBsYnYPR8AG/RiOKqwekTff:CSx+gIBDBTOEITK2o7HsYn2Rw/Ri5ekr
Static task
static1
Behavioral task
behavioral1
Sample
a052085a277fbddad21c28ad7185ae787f9dea6bb3d8fd0954ffe6153f600274_NeikiAnalytics.exe
Resource
win7-20240221-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
Target
a052085a277fbddad21c28ad7185ae787f9dea6bb3d8fd0954ffe6153f600274_NeikiAnalytics.exe
Modifies firewall policy service
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
MITRE ATT&CK Matrix (ATT&CK v13)
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Defense Evasion
Modify Registry: 5
Impair Defenses: 4
Disable or Modify Tools: 3
Disable or Modify System Firewall: 1
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1