General
Target: a025580c6453e059268d0310d49b5c80_NeikiAnalytics.exe
Size: 65KB
Sample: 240518-gw843afb79
MD5: a025580c6453e059268d0310d49b5c80
SHA1: a686a556f1f573f8f8150b0c9a65f3df92ff90f7
SHA256: 79f89fa3ce36b78ff242136cd948823989b978e17dd496c79bd7314c4a628987
SHA512: 660529b178e191739d666127e0777b5097b1d4285ec3a98f2c0954138358e3f3f9524e3293f3717897ed13910c8556eb1e623292a94f1ff596b094f2adda76c6
SSDEEP: 1536:wP0CU4UR2IU7R4z+gxxlz8gCpOzBLQSiaUak+ChD6e8Hdk:wP35t14aelvzFfiap/CmTHdk
Static task: static1
Behavioral task: behavioral1
Sample: a025580c6453e059268d0310d49b5c80_NeikiAnalytics.exe
Resource: win7-20240508-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
Modifies firewall policy service
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism (1)
Bypass User Account Control (1)
Create or Modify System Process (1)
Windows Service (1)
Defense Evasion
Abuse Elevation Control Mechanism (1)
Bypass User Account Control (1)
Impair Defenses (3)
Disable or Modify Tools (3)
Modify Registry (5)