General
Target: d7482856356ba5eaa99a9b31e27b1da0_NeikiAnalytics.exe
Size: 120KB
Sample: 240518-rspalafh57
MD5: d7482856356ba5eaa99a9b31e27b1da0
SHA1: d1e5c06a21f85753335134fb769d5af1f2b2f960
SHA256: ec0398121807170f8d46b94adc67331ebd4d7ae0654e60d9b2cc797f017f0606
SHA512: 0bb279c031f484a00c24332412f64b4bb621eca1eda5c512a6b1a1305830b2fd1ddcf941967be9933c78baae9061cbd158f590c5d118b56a9d66fbb09bd05c76
SSDEEP: 1536:NM7KWetpU3dlJeG6x91fBSpBR4a9+RluX1/3GuZrvRLs3WOnAFaVP3O0gC:67KVDUtlJeGONSp7P+buX1uuZyP3pgC
Static task: static1
Behavioral task: behavioral1
Sample: d7482856356ba5eaa99a9b31e27b1da0_NeikiAnalytics.dll
Resource: win7-20240221-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
Target
d7482856356ba5eaa99a9b31e27b1da0_NeikiAnalytics.exe
-
Modifies firewall policy service
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Matrix ATT&CK v13
Privilege Escalation
  Create or Modify System Process: 1
    Windows Service: 1
  Abuse Elevation Control Mechanism: 1
    Bypass User Account Control: 1
Defense Evasion
  Modify Registry: 5
  Abuse Elevation Control Mechanism: 1
    Bypass User Account Control: 1
  Impair Defenses: 3
    Disable or Modify Tools: 3