General
Target: 1860930a81d9618d1ad1c20a39adba467b409c3d22924ce5919932f102bfe3d9_NeikiAnalytics.exe
Size: 120KB
Sample: 240630-zj632svekh
MD5: 855a6dc3465d392a7549e8e5a8b377c0
SHA1: dcd7ac8a2a24217dbfa2532d8fa9cb04cd8859d2
SHA256: 1860930a81d9618d1ad1c20a39adba467b409c3d22924ce5919932f102bfe3d9
SHA512: 81483871dfc3dfb517a0b86cc387403207775026917a2f521a321d731953dae3849b8787193b724a7a90bfbab4bb03615cc2715a8a68ed0f0611416284d75f44
SSDEEP: 1536:KQ7U7CSpMllfEJepPJHUWssFT2SGiSKPTBG4xRY7s++wjY9iupV9o:KkOSpJHB8SGiSQTBG4XawXLo
Static task: static1
Behavioral task: behavioral1
Sample: 1860930a81d9618d1ad1c20a39adba467b409c3d22924ce5919932f102bfe3d9_NeikiAnalytics.dll
Resource: win7-20240419-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
Target: 1860930a81d9618d1ad1c20a39adba467b409c3d22924ce5919932f102bfe3d9_NeikiAnalytics.exe
Modifies firewall policy service
Executes dropped EXE
Loads dropped DLL
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
MITRE ATT&CK Matrix (ATT&CK v13)
Privilege Escalation
  Create or Modify System Process: 1
    Windows Service: 1
  Abuse Elevation Control Mechanism: 1
    Bypass User Account Control: 1
Defense Evasion
  Modify Registry: 5
  Impair Defenses: 4
    Disable or Modify Tools: 3
    Disable or Modify System Firewall: 1
  Abuse Elevation Control Mechanism: 1
    Bypass User Account Control: 1