General
-
Target
063c947da45fb10d79c71c57f21d850923507f660947e464ad36eded9e5a45a7_NeikiAnalytics.exe
-
Size
120KB
-
Sample
240629-2ba2raxgqc
-
MD5
aacb313020aef4a7fef3ab99010d4fe0
-
SHA1
32db960d03f4cb86f6a9754f9b0e0d52c2d5d9f8
-
SHA256
063c947da45fb10d79c71c57f21d850923507f660947e464ad36eded9e5a45a7
-
SHA512
30504d485db5b4dc24f4fc69c160ca4666e63f12159193d16effa6278c69b01710a644e7d8ea31d73d7f70ed87dcabab1516cade71c9479e438afcc38af5ae83
-
SSDEEP
1536:qtdC9vlONWPzK1Emwdx5/UIWM/I9d9lW0HxDULltsYKp/qDC25BAQflY6mzh7bBP:q3dEPbmwJh/I9VbRUtsB2EQfGzz/0R0
Static task
static1
Behavioral task
behavioral1
Sample
063c947da45fb10d79c71c57f21d850923507f660947e464ad36eded9e5a45a7_NeikiAnalytics.dll
Resource
win7-20240611-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
-
Target
063c947da45fb10d79c71c57f21d850923507f660947e464ad36eded9e5a45a7_NeikiAnalytics.exe
-
Modifies firewall policy service
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Matrix (ATT&CK v13)
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Defense Evasion
Modify Registry: 5
Impair Defenses: 4
Disable or Modify Tools: 3
Disable or Modify System Firewall: 1
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1