General
Target: b61dabb8f6a587e615e508ed16acc13e_NeikiAnalytics.exe
Size: 65KB
Sample: 240517-gbhflsbf9x
MD5: b61dabb8f6a587e615e508ed16acc13e
SHA1: c9dcece1bd2862cab21173aa5c5286e04e96b570
SHA256: 72b2eac405bfd7dac9f56019c6f486105866df7076e6971fd46bc93454a44d1b
SHA512: 602232e170b8b5f6fcafbb2f33571cd9d82664e6971ab1aa425b185236baa070b14981c2a9c279aae197f2c98eb9c668df028955e678ccd296f373d1e59b737b
SSDEEP: 1536:wypnnQtL+4gFpTBc1mXofbFa2q6phB5COmD0L16IjkID6YDn:bKngDNckWbFL1SOd16I1n

Static task: static1
Behavioral task: behavioral1
Sample: b61dabb8f6a587e615e508ed16acc13e_NeikiAnalytics.exe
Resource: win7-20240508-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
Target: b61dabb8f6a587e615e508ed16acc13e_NeikiAnalytics.exe
Modifies firewall policy service

Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Matrix (ATT&CK v13)

Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1

Defense Evasion
Modify Registry: 5
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Impair Defenses: 3
Disable or Modify Tools: 3