General
-
Target
3c7c4fb91d8fff627be8e172b06c34af10a1a18710d4e5fc05016101b66d43b5_NeikiAnalytics.exe
-
Size
120KB
-
Sample
240629-axwrsswfnc
-
MD5
e2ac3fdf10345cd2106370d97b580be0
-
SHA1
8a2c41b57c0f7a137dcbd0b7de0585bd0fb24792
-
SHA256
3c7c4fb91d8fff627be8e172b06c34af10a1a18710d4e5fc05016101b66d43b5
-
SHA512
f0e267c275377309d51123f9fe81c70626cde36e47de25bbedd2842ecb7806e249cf76e682043f3d7b38e9732800c1170a9f45a6f9a5fd14f6c92bf1a2d8fe75
-
SSDEEP
3072:Uxw6xEFUc0tWv9B9GT+f4RkYxUlNPXXtznfhQv0:U6uUp9XffJlNPXdTGv
Static task
static1
Behavioral task
behavioral1
Sample
3c7c4fb91d8fff627be8e172b06c34af10a1a18710d4e5fc05016101b66d43b5_NeikiAnalytics.dll
Resource
win7-20240220-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
Target
3c7c4fb91d8fff627be8e172b06c34af10a1a18710d4e5fc05016101b66d43b5_NeikiAnalytics.exe
-
Modifies firewall policy service
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Matrix (ATT&CK v13)
Privilege Escalation
  Create or Modify System Process (1)
    Windows Service (1)
  Abuse Elevation Control Mechanism (1)
    Bypass User Account Control (1)
Defense Evasion
  Modify Registry (5)
  Impair Defenses (4)
    Disable or Modify Tools (3)
    Disable or Modify System Firewall (1)
  Abuse Elevation Control Mechanism (1)
    Bypass User Account Control (1)