General
Target: 23734d7a5922bf74e912246b7515f09a23997b37c2ad88e2024514abd38c98c6_NeikiAnalytics.exe
Size: 120KB
Sample: 240630-3lh1saygrb
MD5: aae61b49c5987663d776ade89f89f4a0
SHA1: 06818c92b72fd06d719571d27a9fd4c49fe2c70f
SHA256: 23734d7a5922bf74e912246b7515f09a23997b37c2ad88e2024514abd38c98c6
SHA512: d720eaa9a4c80b96f785e0e10b0b7192de639d97a5db4181b8266e2e4f45a83db396ff510dfe65a0f9ea9e9ffbbf0d67766655568e16312ccfc0b89146dec5dd
SSDEEP: 1536:+kpH0vSJcPK0XpwszisLFloFQvp4dmTvkvWFYB/m/JTDuzlaVz0HIEWMsyz:FpUvSmpwQLFloCvOmTZFIlegoEK
Static task: static1
Behavioral task: behavioral1
Sample: 23734d7a5922bf74e912246b7515f09a23997b37c2ad88e2024514abd38c98c6_NeikiAnalytics.dll
Resource: win7-20240611-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
Target
23734d7a5922bf74e912246b7515f09a23997b37c2ad88e2024514abd38c98c6_NeikiAnalytics.exe
Modifies firewall policy service
Executes dropped EXE
Loads dropped DLL
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
MITRE ATT&CK Matrix (ATT&CK v13)
Privilege Escalation
  Create or Modify System Process (1)
    Windows Service (1)
  Abuse Elevation Control Mechanism (1)
    Bypass User Account Control (1)
Defense Evasion
  Modify Registry (5)
  Impair Defenses (4)
    Disable or Modify Tools (3)
    Disable or Modify System Firewall (1)
  Abuse Elevation Control Mechanism (1)
    Bypass User Account Control (1)