General
-
Target
1c12627263858757c96a5c4457e80aefbf2b31679194d68f36dac0f0e3adc38b_NeikiAnalytics.exe
-
Size
120KB
-
Sample
240628-z9plpasejg
-
MD5
4f3be58d7f0a03b190307abc47c31d30
-
SHA1
8a92ffc0b3c321cb0e2dea6767febfeb27b0561e
-
SHA256
1c12627263858757c96a5c4457e80aefbf2b31679194d68f36dac0f0e3adc38b
-
SHA512
74592b99801cf3816a3ebdbb3678236de10796257630776d065f6f8363c7cddcfe400f809b6c7a635269f3460766f677a7afafa90402c51d9395920efec31b8d
-
SSDEEP
3072:8mupdge5Trqfd0rbirf36jlFB1G7bZE17ltrESDK9r:gjufylpFHGRE1019
Static task
static1
Behavioral task
behavioral1
Sample
1c12627263858757c96a5c4457e80aefbf2b31679194d68f36dac0f0e3adc38b_NeikiAnalytics.dll
Resource
win7-20240221-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
Target
1c12627263858757c96a5c4457e80aefbf2b31679194d68f36dac0f0e3adc38b_NeikiAnalytics.exe
-
Modifies firewall policy service
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Matrix (ATT&CK v13)
-
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
-
Defense Evasion
Modify Registry: 5
Impair Defenses: 4
Disable or Modify Tools: 3
Disable or Modify System Firewall: 1
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1