General
-
Target
e94ae2634735e53e0061ec4914335c40_NeikiAnalytics.exe
-
Size
120KB
-
Sample
240517-mhb53aea66
-
MD5
e94ae2634735e53e0061ec4914335c40
-
SHA1
30b679c82db162af47c7ab38087fd8d2f9af927f
-
SHA256
499f09ee9cee02dceb06e6127251b0099b374881eab20e9442aa782189fe1ea6
-
SHA512
0c5f8672e3fbe2c6748d3f845ba7f7c9b609a6b620444065564395f8e5ad5fbfc6657e0160b4435e3c4ae0c148460cd7ac4e0ffb2245af00c0c6f6e912a0c92f
-
SSDEEP
3072:B39I6MMt/7vACLJ6eubqT1YJQmoSv8oSknXKjS7cv:p9dpfYDboYJsSv8hkn6e
Static task
static1
Behavioral task
behavioral1
Sample
e94ae2634735e53e0061ec4914335c40_NeikiAnalytics.dll
Resource
win7-20240220-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
Target
e94ae2634735e53e0061ec4914335c40_NeikiAnalytics.exe
-
Modifies firewall policy service
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Create or Modify System Process: 1
Windows Service: 1
Defense Evasion
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Impair Defenses: 3
Disable or Modify Tools: 3
Modify Registry: 5