General
-
Target
66a7fba154ff276250f9f535786ccd1eed89b29c236148b31a432e0618e7b6b1_NeikiAnalytics.exe
-
Size
120KB
-
Sample
240629-fjsqwa1epe
-
MD5
6615f571a0c6d89fec4fb418bd94a910
-
SHA1
10b53495064da961cfcbcac16dcc261c255576f2
-
SHA256
66a7fba154ff276250f9f535786ccd1eed89b29c236148b31a432e0618e7b6b1
-
SHA512
e46d9c50cb775069eb2b7dbb459a58d3df124ef77549c746d51c05693c931a3a3dc518d08da8c1307405ca9e3cf666783fc6106a4cf49780920cba2aaaf512cc
-
SSDEEP
1536:ITbwOoGtsfvlnGYlXrqNtnw9Wgq1yV0Nrk72QDv5ykzsSmG971:GcOohkYlXuNte/q9k2QDC65
Static task
static1
Behavioral task
behavioral1
Sample
66a7fba154ff276250f9f535786ccd1eed89b29c236148b31a432e0618e7b6b1_NeikiAnalytics.dll
Resource
win7-20240508-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
Target
66a7fba154ff276250f9f535786ccd1eed89b29c236148b31a432e0618e7b6b1_NeikiAnalytics.exe
-
Modifies firewall policy service
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Matrix (ATT&CK v13)
-
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
-
Defense Evasion
Modify Registry: 5
Impair Defenses: 4
Disable or Modify Tools: 3
Disable or Modify System Firewall: 1
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1