General
-
Target
1e63211cb2505503947837110fe0e38007fd26f1430dcc86be48560dfaf80d4f_NeikiAnalytics.exe
-
Size
120KB
-
Sample
240630-17qxea1ank
-
MD5
7144b38532c87843b7f66325935cf410
-
SHA1
b9c8faff7e2991498dfad842abd0b66e16a1ef01
-
SHA256
1e63211cb2505503947837110fe0e38007fd26f1430dcc86be48560dfaf80d4f
-
SHA512
5ae28fe7340445f729ea468d750994b916d568666d90fe32ac538e6edb54839a1e68e87ff1bf2466c9d83d2f38b412b7c9cbdfce134165fe6c4289053900e95c
-
SSDEEP
3072:HP4/LEiEUW01B4vmphKuLJuRfCnLJ+fzsTFO:v4/AiEURBWmf9mfCnLJ+fzs
Static task
static1
Behavioral task
behavioral1
Sample
1e63211cb2505503947837110fe0e38007fd26f1430dcc86be48560dfaf80d4f_NeikiAnalytics.dll
Resource
win7-20240611-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
-
Target
1e63211cb2505503947837110fe0e38007fd26f1430dcc86be48560dfaf80d4f_NeikiAnalytics.exe
-
Modifies firewall policy service
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Matrix ATT&CK v13
Privilege Escalation
Create or Modify System Process (1)
Windows Service (1)
Abuse Elevation Control Mechanism (1)
Bypass User Account Control (1)
Defense Evasion
Modify Registry (5)
Impair Defenses (4)
Disable or Modify Tools (3)
Disable or Modify System Firewall (1)
Abuse Elevation Control Mechanism (1)
Bypass User Account Control (1)