General
-
Target
57d087122d03ef42525442edfdad4c92964c2d79c00ae996c71e7764f0125e58_NeikiAnalytics.exe
-
Size
120KB
-
Sample
240629-ds13hashmk
-
MD5
d27267938d21251129482eee5a586dd0
-
SHA1
8ec9276b937d4ac0fb339998e7614b0a3400ed1d
-
SHA256
57d087122d03ef42525442edfdad4c92964c2d79c00ae996c71e7764f0125e58
-
SHA512
9f5529abdc6e3dc7a05fef39df02a2e30259b5baf0011f2062907844f59d91f5f17264449664a2d5b2d53879f212251851465d7aa7ed4136f0b8633d1ee35ae7
-
SSDEEP
1536:bn1lJkSGxM8FhOUmI+vBVV1AzzB/hoXKkb7V/DaBIEThIi1I1l5bo:bTa3xM3I+vBD1mWXKi/DaB8ia1To
Static task
static1
Behavioral task
behavioral1
Sample
57d087122d03ef42525442edfdad4c92964c2d79c00ae996c71e7764f0125e58_NeikiAnalytics.dll
Resource
win7-20240508-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
Target
57d087122d03ef42525442edfdad4c92964c2d79c00ae996c71e7764f0125e58_NeikiAnalytics.exe
-
Modifies firewall policy service
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Matrix (ATT&CK v13)
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Defense Evasion
Modify Registry: 5
Impair Defenses: 4
Disable or Modify Tools: 3
Disable or Modify System Firewall: 1
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1