General
-
Target
998868d83112ec4357a8d36cf81118af7b5772e9e7db82299cb3ba336fecdb9d_NeikiAnalytics.exe
-
Size
120KB
-
Sample
240629-lspngavele
-
MD5
cb43ee16e84583a178e1eecf5b424e20
-
SHA1
88c752852077d9fd71352e6bc87898eef338a704
-
SHA256
998868d83112ec4357a8d36cf81118af7b5772e9e7db82299cb3ba336fecdb9d
-
SHA512
196727687d1e3723ed26f29ed407f730be7f7e6550e3c9c3a40335c6ee66dbede3ff70427ee1caea99d23e1d655042d4b956ae95cc7c93a27d500877a137e500
-
SSDEEP
3072:2yPVVGK15FqjDrk0x4rm+HRGwzGQTGbd+AfCSVyd2yAHI:90YoQDrmqRQpoAfCaE
Static task
static1
Behavioral task
behavioral1
Sample
998868d83112ec4357a8d36cf81118af7b5772e9e7db82299cb3ba336fecdb9d_NeikiAnalytics.dll
Resource
win7-20240611-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
Target
998868d83112ec4357a8d36cf81118af7b5772e9e7db82299cb3ba336fecdb9d_NeikiAnalytics.exe
-
Modifies firewall policy service
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Matrix (ATT&CK v13)
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Defense Evasion
Modify Registry: 5
Impair Defenses: 4
Disable or Modify Tools: 3
Disable or Modify System Firewall: 1
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1