General
Target: 09e7654ace2d9fbc6f64d6d0a866f58388903faf783344a1df1688b046e1b306_NeikiAnalytics.exe
Size: 120KB
Sample: 240628-wfwalaxgkc
MD5: b7f75b2a8afee873978e8d8fdb05da50
SHA1: 8da3f711f2894b109f1821880e29c6927c3bc7f5
SHA256: 09e7654ace2d9fbc6f64d6d0a866f58388903faf783344a1df1688b046e1b306
SHA512: f91f30157039c227b2d0a56ec4c5e030585c6789a52dc5f2151a8e7af649a1c829b535583356d75ed87fad4fa4c2cd160d21b5bf020c119d7192e2545bb943ba
SSDEEP: 1536:zYV2QQpZIK9HI9GXLPGReu+jBegS/xFO8yxEyjoot26yE8IVGw6duDR:zYSIKSk7uh+W5FM/oXJE8IVGldi
Static task: static1
Behavioral task: behavioral1
Sample: 09e7654ace2d9fbc6f64d6d0a866f58388903faf783344a1df1688b046e1b306_NeikiAnalytics.dll
Resource: win7-20240611-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
- Modifies firewall policy service
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
MITRE ATT&CK Matrix ATT&CK v13
Privilege Escalation
- Create or Modify System Process: 1
- Windows Service: 1
- Abuse Elevation Control Mechanism: 1
- Bypass User Account Control: 1
Defense Evasion
- Modify Registry: 5
- Impair Defenses: 4
- Disable or Modify Tools: 3
- Disable or Modify System Firewall: 1
- Abuse Elevation Control Mechanism: 1
- Bypass User Account Control: 1