General
-
Target
d8d6cca177852e0fa4f40babf143c300_NeikiAnalytics.exe
-
Size
65KB
-
Sample
240517-j3vlcsgh7z
-
MD5
d8d6cca177852e0fa4f40babf143c300
-
SHA1
3073250de426aafaf6688c7ed733c6eb227ca9d1
-
SHA256
00cbe635abf846171537ca55cf16ce731c00df3eaa8f796bb5c1540faee4de20
-
SHA512
9844d2b7db6d2abd381dd164845b06893c533a48f1043b1ad4a66864a84e3b07035d9b73396666c2163e5c4e1d4425726af27bc0fa94e0e76b4c02fa0c8a62f3
-
SSDEEP
768:exsngl2T0XbYjavffdB4midpGMSpRCqvPGqWKymUUgC0w21UfvczaN4cVoDL3Mdk:IsDTE8javNGnqlfUUIw2Cv1of3MQd5P
Static task
static1
Behavioral task
behavioral1
Sample
d8d6cca177852e0fa4f40babf143c300_NeikiAnalytics.exe
Resource
win7-20240215-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
Target
d8d6cca177852e0fa4f40babf143c300_NeikiAnalytics.exe
-
Modifies firewall policy service
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
MITRE ATT&CK Matrix (ATT&CK v13)
Privilege Escalation
  Create or Modify System Process: 1
    Windows Service: 1
  Abuse Elevation Control Mechanism: 1
    Bypass User Account Control: 1
Defense Evasion
  Modify Registry: 5
  Abuse Elevation Control Mechanism: 1
    Bypass User Account Control: 1
  Impair Defenses: 3
    Disable or Modify Tools: 3