General
-
Target
b8b6eb09332ab1464b3fd798a6a60190_NeikiAnalytics.exe
-
Size
65KB
-
Sample
240517-gj5k4scc2y
-
MD5
b8b6eb09332ab1464b3fd798a6a60190
-
SHA1
36f578cf5b2c134129bc095ab0a993c22e788ebd
-
SHA256
b032cdb1f153b2d5581b37a7097b967f5cefe45e6fc7a8173c22825aca035b0b
-
SHA512
f6e5cc24a77a8c01434f9724c45f27528145f452bd86fae3a92b46f4a14fe86975dd06182a8fe0e64b3e2fcc4a6e009f396779fd0845b797aaaf8bd6d4bfcc68
-
SSDEEP
1536:ljhxSzK6RLnv5Pv1YJVo54jTLo/J/AZxhZrxkdtHAgr:ljhxsTRL3YJVVjTLTxJgHAgr
Static task
static1
Behavioral task
behavioral1
Sample
b8b6eb09332ab1464b3fd798a6a60190_NeikiAnalytics.exe
Resource
win7-20240215-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
-
Target
b8b6eb09332ab1464b3fd798a6a60190_NeikiAnalytics.exe
-
Modifies firewall policy service
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Matrix (ATT&CK v13)
Privilege Escalation
  Create or Modify System Process (1)
    Windows Service (1)
  Abuse Elevation Control Mechanism (1)
    Bypass User Account Control (1)
Defense Evasion
  Modify Registry (5)
  Abuse Elevation Control Mechanism (1)
    Bypass User Account Control (1)
  Impair Defenses (3)
    Disable or Modify Tools (3)