General
Target: 0656965d2bb2dbcee45143f06b83b1f0_NeikiAnalytics.exe
Size: 97KB
Sample: 240516-wh338age8x
MD5: 0656965d2bb2dbcee45143f06b83b1f0
SHA1: f72360e08523589dced09fc13d47cfd4045aaaeb
SHA256: 66d973177e9ac93cdb2c92a9d8bde0fa6b405087e6c7c2464a901daf5d70ced7
SHA512: fe781dce021208b3f7a045315c1e10c3bb903e4a163695a123e728c0279dca719b29d576fec2b80548ddaa252bc8e331f47d2112f477ffa95d9a0b43634fb809
SSDEEP: 1536:I2vGblVsmUmw96HhJqFyFBzuhMVtlqPMjTsH+Y/rErQpRseLE8dMo1sHnYTy:obYmUmwsGFCzuhOto2c+Y/rEcJMouHCy
Static task: static1
Behavioral task: behavioral1
Sample: 0656965d2bb2dbcee45143f06b83b1f0_NeikiAnalytics.exe
Resource: win7-20231129-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
Target: 0656965d2bb2dbcee45143f06b83b1f0_NeikiAnalytics.exe
Modifies firewall policy service

Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Matrix (ATT&CK v13)
Privilege Escalation
  Create or Modify System Process: 1
  Windows Service: 1
  Abuse Elevation Control Mechanism: 1
  Bypass User Account Control: 1
Defense Evasion
  Modify Registry: 5
  Abuse Elevation Control Mechanism: 1
  Bypass User Account Control: 1
  Impair Defenses: 3
  Disable or Modify Tools: 3