General
Target: 387ea5cba0304ea7cface2ecd2439ce3fea5eb15672d2367c7ca52f3e72da3c8_NeikiAnalytics.exe
Size: 120KB
Sample: 240701-f22rhaxdkb
MD5: 8be17b47ed444d820c8646e85b4f3b20
SHA1: f28fa390ed85b675ce9747212b2bbef90aa35dbc
SHA256: 387ea5cba0304ea7cface2ecd2439ce3fea5eb15672d2367c7ca52f3e72da3c8
SHA512: 52d4a099dd3109142f59cf0ce8e8de0127cdd4f6477f03c1a804182f2ffe4ae4ba30ab86241e44e966c90715d22529f2c168ba2d5531e26362320f238d0cd1c0
SSDEEP: 3072:e5stVdchoisZ2/GCg9aMVb7vy5g5tdYooK:DtVKSbEG/aMtymZro
Static task: static1
Behavioral task: behavioral1
Sample: 387ea5cba0304ea7cface2ecd2439ce3fea5eb15672d2367c7ca52f3e72da3c8_NeikiAnalytics.dll
Resource: win7-20240611-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
Target: 387ea5cba0304ea7cface2ecd2439ce3fea5eb15672d2367c7ca52f3e72da3c8_NeikiAnalytics.exe
Modifies firewall policy service
Executes dropped EXE
Loads dropped DLL
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
MITRE ATT&CK Matrix (ATT&CK v13)
Privilege Escalation
  Create or Modify System Process: 1
    Windows Service: 1
  Abuse Elevation Control Mechanism: 1
    Bypass User Account Control: 1
Defense Evasion
  Modify Registry: 5
  Impair Defenses: 4
    Disable or Modify Tools: 3
    Disable or Modify System Firewall: 1
  Abuse Elevation Control Mechanism: 1
    Bypass User Account Control: 1