General
-
Target
b639dbe7cee2d91bab756ab3da162400_NeikiAnalytics.exe
-
Size
120KB
-
Sample
240517-gbwm8sbh88
-
MD5
b639dbe7cee2d91bab756ab3da162400
-
SHA1
bed580242e01f241f677f885f4eb2a67ce38999a
-
SHA256
b0f6f014246a14b7ba36cb4d1cc678ffd1e32a699abad29c145ed4fa21db901b
-
SHA512
5ff3ed6ed79550ac3b5e064a4fc92bfc861f74616e2330e4b93f478cdd42ca7c2748907ff73f8914e4e8ebee50db0a7a242c556dd90b01febc0cad126cac7f63
-
SSDEEP
1536:wFdiYV966rDgXLzWnW3vzxAKlQD7mlKpm6O6FXMlF50OeUTI2N+qXyP2c9:wLMIDOzh/r27mlKVf4/reGJ+w+28
Static task
static1
Behavioral task
behavioral1
Sample
b639dbe7cee2d91bab756ab3da162400_NeikiAnalytics.dll
Resource
win7-20240221-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
-
Target
b639dbe7cee2d91bab756ab3da162400_NeikiAnalytics.exe
-
Modifies firewall policy service
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Matrix ATT&CK v13
Privilege Escalation
Create or Modify System Process 1
Windows Service 1
Abuse Elevation Control Mechanism 1
Bypass User Account Control 1
Defense Evasion
Modify Registry 5
Abuse Elevation Control Mechanism 1
Bypass User Account Control 1
Impair Defenses 3
Disable or Modify Tools 3