General
-
Target
2f96721596a021d7ed6d066b627c9510350c1625dc79e459dad9e415e0d5f40a_NeikiAnalytics.exe
-
Size
97KB
-
Sample
240701-c8q2ssxcnn
-
MD5
f2ad4cc069cdccb32b055d68f181b220
-
SHA1
09807b1a57ac981c463b2b1f35589c69424ebae8
-
SHA256
2f96721596a021d7ed6d066b627c9510350c1625dc79e459dad9e415e0d5f40a
-
SHA512
36a5eeecbd694c32c759c2d88cd5a3e15ee15665e114b9f4aa447fa9485d87c474a7c612d6f337df9fa4ac25eba9927613cfa0780b52de44a7e83582e3093dcc
-
SSDEEP
1536:NXk15iErYYuXi6k4N++9aVYXMrD7KCEWWjxLPz+0wYRrxjrbxGXzl+k:9k15Ee6k4L0Vv7KXNLb+XSxjrVQzQ
Static task
static1
Behavioral task
behavioral1
Sample
2f96721596a021d7ed6d066b627c9510350c1625dc79e459dad9e415e0d5f40a_NeikiAnalytics.exe
Resource
win7-20231129-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
-
Target
2f96721596a021d7ed6d066b627c9510350c1625dc79e459dad9e415e0d5f40a_NeikiAnalytics.exe
-
Modifies firewall policy service
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Matrix (ATT&CK v13)
Privilege Escalation
  Create or Modify System Process: 1
    Windows Service: 1
  Abuse Elevation Control Mechanism: 1
    Bypass User Account Control: 1
Defense Evasion
  Modify Registry: 5
  Impair Defenses: 4
    Disable or Modify Tools: 3
    Disable or Modify System Firewall: 1
  Abuse Elevation Control Mechanism: 1
    Bypass User Account Control: 1