General
-
Target
b9d40ccd1c8f9ea40fde1a87e53d4060_NeikiAnalytics.exe
-
Size
65KB
-
Sample
240517-gmrtesce95
-
MD5
b9d40ccd1c8f9ea40fde1a87e53d4060
-
SHA1
b83c499ecf51a81d58ec27c662536b8f4439a0f6
-
SHA256
4b24ecf3367de6694027039009e22a6a84184f08a060c2709d7273342021e801
-
SHA512
9955863989cf09e7f9d4250ec3d0d6394185ea908295ba5c70534d06837810dad4b8df2bf9403885a6eb11ad68967e5d76974ca7310d2de0e49d44452272566d
-
SSDEEP
1536:6IdmyCJct5d3Ow/SJp/mxl2GfxzG0uRUUshIW:6IpoczX/Sr/mxl2GJGPUUK
Static task
static1
Behavioral task
behavioral1
Sample
b9d40ccd1c8f9ea40fde1a87e53d4060_NeikiAnalytics.exe
Resource
win7-20240221-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
-
Target
b9d40ccd1c8f9ea40fde1a87e53d4060_NeikiAnalytics.exe
-
Modifies firewall policy service
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Matrix (ATT&CK v13)
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Defense Evasion
Modify Registry: 5
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Impair Defenses: 3
Disable or Modify Tools: 3