General
-
Target
ce69688833ac0557ece29a873154e430_NeikiAnalytics.exe
-
Size
65KB
-
Sample
240518-qszkwsdg21
-
MD5
ce69688833ac0557ece29a873154e430
-
SHA1
6cccb60543c7dc1b0597bbf0d870c189f59e6906
-
SHA256
ebd8945b153e80c9788cff4bf88bbbbb968f0e2a0fa7f65b9ed81e5f3c5e73c3
-
SHA512
4a7e096d31b34efcaa8689f1b1b85ff38b830c42cc0e781930aa0ca8bf65f5dc93725c424886e98b19dc85ef7593ec40f2d10ff6bc05f8c41530a62586e31183
-
SSDEEP
1536:ajskx1n2eSv34gWMIXGOCZ0uNH490HEHhOmTJMe9tZ9wtzuiow:awkxzk4LMI2O80uF4romWe5y9um
Static task
static1
Behavioral task
behavioral1
Sample
ce69688833ac0557ece29a873154e430_NeikiAnalytics.exe
Resource
win7-20240215-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
Target
ce69688833ac0557ece29a873154e430_NeikiAnalytics.exe
-
Modifies firewall policy service
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Matrix (ATT&CK v13)
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Defense Evasion
Modify Registry: 5
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Impair Defenses: 3
Disable or Modify Tools: 3