General
-
Target
d937cbac4c3453da1d106acbf5614730_NeikiAnalytics
-
Size
120KB
-
Sample
240516-sbsgcsab35
-
MD5
d937cbac4c3453da1d106acbf5614730
-
SHA1
22b284e66b7876e4e39faec286abaf38b9048706
-
SHA256
62ff0a3e3ca95b1f178b5bc531725a3561f2b4f0d55fa0618ca220b26481bcb3
-
SHA512
e65fe35494a2b3d920ad9e9d7b607c8b54f07049f6bd205e42b86c5862919ba431adf585c2c6e5547643084c06ebcebcbdaf294841f44955439ef9e5217b1b1b
-
SSDEEP
1536:d/hdnoLcNrt0zBK6RcpndU8wHT6TP8QxpjUL5jGD6E4qiTgZbWzG2:NfoL60zc62pdU8GT6T0Qxpje0D147gp
Static task
static1
Behavioral task
behavioral1
Sample
d937cbac4c3453da1d106acbf5614730_NeikiAnalytics.dll
Resource
win7-20240221-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
Modifies firewall policy service
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Matrix (ATT&CK v13)
Privilege Escalation
Create or Modify System Process (1)
  Windows Service (1)
Abuse Elevation Control Mechanism (1)
  Bypass User Account Control (1)
Defense Evasion
Modify Registry (5)
Abuse Elevation Control Mechanism (1)
  Bypass User Account Control (1)
Impair Defenses (3)
  Disable or Modify Tools (3)