General
Target: 3415e3207b3bf988cf8d7c517b8e0ea89523b3538b2ea02c49bf4a992e3a5d36_NeikiAnalytics.exe
Size: 120KB
Sample: 240701-enffnsyglp
MD5: 17d65cf494ee651df6559d61dc465f90
SHA1: 60f0aa8c26fb59bd4f3eef8d6ddce9c6ca978a97
SHA256: 3415e3207b3bf988cf8d7c517b8e0ea89523b3538b2ea02c49bf4a992e3a5d36
SHA512: 994ff7d5b491bc566ee047a56fd5b343dc4b757c97b9d96ae10158893a193094a0de86541aa53ab1c51879cd5072b3b7c192c4c9d52b8036557d885281ab3f9c
SSDEEP: 1536:ucDHCT5NjJ8n2+IZmaFOsm2f1cBQruE/nOKfJgqOfMuom0PD9qLK8t7SIh1k:uDT5dm2+BiSQfnOKfLuopxip

Static task: static1

Behavioral task: behavioral1
Sample: 3415e3207b3bf988cf8d7c517b8e0ea89523b3538b2ea02c49bf4a992e3a5d36_NeikiAnalytics.dll
Resource: win7-20240221-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
Target
3415e3207b3bf988cf8d7c517b8e0ea89523b3538b2ea02c49bf4a992e3a5d36_NeikiAnalytics.exe
Modifies firewall policy service
Executes dropped EXE
Loads dropped DLL
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
MITRE ATT&CK Matrix (ATT&CK v13)
Privilege Escalation
  Create or Modify System Process 1
  Windows Service 1
  Abuse Elevation Control Mechanism 1
  Bypass User Account Control 1
Defense Evasion
  Modify Registry 5
  Impair Defenses 4
  Disable or Modify Tools 3
  Disable or Modify System Firewall 1
  Abuse Elevation Control Mechanism 1
  Bypass User Account Control 1