General
-
Target
a607e58ba05335ab33472830797585843f26d60a5c90bd2371e44f2759cfb133_NeikiAnalytics.exe
-
Size
1.1MB
-
Sample
240628-xdytdasaqp
-
MD5
1c9f8c3a353b61e83862098b10de2c40
-
SHA1
2c9dd88638e7bd8bf32714db20d4e5df1b7ca587
-
SHA256
a607e58ba05335ab33472830797585843f26d60a5c90bd2371e44f2759cfb133
-
SHA512
45692ef1749c18e4be4548e999e89549223c7108e92266d5d8762050c22d056f03a3c1cb48657a9584c05a3734f60bbaba31da33cd763aa9567caf86aa206b4b
-
SSDEEP
24576:vTllSppqUBMdn+Z7IDJzcUNE6HmtJJGsXC+mFKfawb+Mdl:qEUBMdqGcUNEi+JJG0lag++
Static task
static1
Behavioral task
behavioral1
Sample
a607e58ba05335ab33472830797585843f26d60a5c90bd2371e44f2759cfb133_NeikiAnalytics.exe
Resource
win7-20240221-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
-
Target
a607e58ba05335ab33472830797585843f26d60a5c90bd2371e44f2759cfb133_NeikiAnalytics.exe
-
Modifies firewall policy service
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
Create or Modify System Process (1)
Windows Service (1)
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Privilege Escalation
Create or Modify System Process (1)
Windows Service (1)
Abuse Elevation Control Mechanism (1)
Bypass User Account Control (1)
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)