General
Target: 84372d136837e24a12220949d9161b20_NeikiAnalytics.exe
Size: 97KB
Sample: 240517-chkgbsce4y
MD5: 84372d136837e24a12220949d9161b20
SHA1: 1479c518301dc165fe76b8ede01c88cc83896279
SHA256: fae312f66e155e0a66e7d22e2baa085a8e15bfa8225fbcf34df3a20323e5b535
SHA512: 1c9bcee58a87573f96744b90bb49051a24987a6edc217ad54b86a6ce459b6543dd69130ed08b1b726f5493cfac45a5a6ca302356d383a4c042ea6fe28c2f28fd
SSDEEP: 1536:LZMSrRWFVkFbpJ71ptyYD4KRp/LHcprlYbe1fbF8i:lp7J7dyYEuqprIe1bF8
Static task: static1
Behavioral task: behavioral1
Sample: 84372d136837e24a12220949d9161b20_NeikiAnalytics.exe
Resource: win7-20240508-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
Target: 84372d136837e24a12220949d9161b20_NeikiAnalytics.exe
Modifies firewall policy service
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
MITRE ATT&CK Matrix (ATT&CK v13)
Privilege Escalation
  Create or Modify System Process: 1
    Windows Service: 1
  Abuse Elevation Control Mechanism: 1
    Bypass User Account Control: 1
Defense Evasion
  Modify Registry: 5
  Abuse Elevation Control Mechanism: 1
    Bypass User Account Control: 1
  Impair Defenses: 3
    Disable or Modify Tools: 3