General
-
Target
32c5ce38eb5211e5c04d1d83cb826660_NeikiAnalytics.exe
-
Size
97KB
-
Sample
240516-zrhenaga39
-
MD5
32c5ce38eb5211e5c04d1d83cb826660
-
SHA1
3cc1bc7293512ba5da3d67bc6edb1f440efb0b02
-
SHA256
8d387edffb44241601bcbe8b5d49154ad956df903c519bdd54aa43134d50ab55
-
SHA512
127e600b4a8510115a356b4ba538bac906f6834912aa2c6c9904ba973e7e6afe5604e26aa91917f7cc2c70edfa4b1c39b7df4a572adc0aa3d50c0e0c39d4b25d
-
SSDEEP
1536:65O0EIMByraoXvbYG1LHITcvUEm1F7P5HpS1TN9zytxWhB+42l:68xzByrL/bYE6pEm1xSpcxkB+F
Static task
static1
Behavioral task
behavioral1
Sample
32c5ce38eb5211e5c04d1d83cb826660_NeikiAnalytics.exe
Resource
win7-20240221-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
Target
32c5ce38eb5211e5c04d1d83cb826660_NeikiAnalytics.exe
-
Modifies firewall policy service
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Matrix (ATT&CK v13)
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Defense Evasion
Modify Registry: 5
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Impair Defenses: 3
Disable or Modify Tools: 3