General
-
Target
9460c20d9335ed636acadbb4f07f67b2082af6248027758dee0720022dd7b17f_NeikiAnalytics.exe
-
Size
120KB
-
Sample
240629-lbd6eaxfjr
-
MD5
476a6bbf4d9465f3c2fdfe0d52b51480
-
SHA1
3aeca15e298d759372523d9c0d9f0e8d073c7d67
-
SHA256
9460c20d9335ed636acadbb4f07f67b2082af6248027758dee0720022dd7b17f
-
SHA512
de74bbca03b47d6c682935884b5f3945aac2446845ef882f07fe4b622468197f56e15ac24df358ae0f699c896060c2862c969e88865b6e66df464cbf1a05dbec
-
SSDEEP
3072:oVZ190+IOH2g33Ov/6yZrza2UZHn6DiX478nY/aIC:0ZxVW0OayZrza2yHDX473SIC
Static task
static1
Behavioral task
behavioral1
Sample
9460c20d9335ed636acadbb4f07f67b2082af6248027758dee0720022dd7b17f_NeikiAnalytics.dll
Resource
win7-20240419-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
Modifies firewall policy service
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Matrix (ATT&CK v13)
Privilege Escalation
Create or Modify System Process (1)
  Windows Service (1)
Abuse Elevation Control Mechanism (1)
  Bypass User Account Control (1)
Defense Evasion
Modify Registry (5)
Impair Defenses (4)
  Disable or Modify Tools (3)
  Disable or Modify System Firewall (1)
Abuse Elevation Control Mechanism (1)
  Bypass User Account Control (1)