General
-
Target
e6f0aa559c1fb4a4c7e0abf6a9b64ad0_NeikiAnalytics.exe
-
Size
65KB
-
Sample
240517-k7njaabd96
-
MD5
e6f0aa559c1fb4a4c7e0abf6a9b64ad0
-
SHA1
3349e17e28ff56054df66b0cce9f6dffc1af5d72
-
SHA256
d0fe3a18bfb9b62aa295556a24da3bd5b11bb7b2699f8453fbfa3a03cc3fab9e
-
SHA512
006e8ddb1410a62f2766cef1d2cfa89c634aecba64a5a33973fec25a0f7ef3bc2e43f59d9d84f9b1334fa3c8d0540d012f64652e54115b86314741931f5b6b9e
-
SSDEEP
1536:z4PQP+EirFT2pCaVtHwZFg6JZrwOKjI0CKO2/y9/s:EPGAiPV5Epta3E9/s
Static task
static1
Behavioral task
behavioral1
Sample
e6f0aa559c1fb4a4c7e0abf6a9b64ad0_NeikiAnalytics.exe
Resource
win7-20240508-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
-
Target
e6f0aa559c1fb4a4c7e0abf6a9b64ad0_NeikiAnalytics.exe
-
Size
65KB
-
MD5
e6f0aa559c1fb4a4c7e0abf6a9b64ad0
-
SHA1
3349e17e28ff56054df66b0cce9f6dffc1af5d72
-
SHA256
d0fe3a18bfb9b62aa295556a24da3bd5b11bb7b2699f8453fbfa3a03cc3fab9e
-
SHA512
006e8ddb1410a62f2766cef1d2cfa89c634aecba64a5a33973fec25a0f7ef3bc2e43f59d9d84f9b1334fa3c8d0540d012f64652e54115b86314741931f5b6b9e
-
SSDEEP
1536:z4PQP+EirFT2pCaVtHwZFg6JZrwOKjI0CKO2/y9/s:EPGAiPV5Epta3E9/s
-
Modifies firewall policy service
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Create or Modify System Process
1Windows Service
1Defense Evasion
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Impair Defenses
3Disable or Modify Tools
3Modify Registry
5