General
Target: 3e29a2119ab8a8b91f189629966068c0_NeikiAnalytics.exe
Size: 97KB
Sample: 240518-ym1vrsdb46
MD5: 3e29a2119ab8a8b91f189629966068c0
SHA1: e40c33799de5e7c2075ff20f6e6537f25ebedfe3
SHA256: 064763ea4a81814efd181419fd74011c2e1f41a2c913cc31092d644f58053ab7
SHA512: 0f6e46be4676011b07c74dae83e0e97fce52e2811a75b054c8d2e3ca58f98f2ca78e91c1d03a72c2f278db1511d5889e2268fda98876fb0dbfb2119fc46e9ebe
SSDEEP: 3072:XeO/ouWAwOJPdHYkTqiJAl05FGDeoN3GhoLj0:w3w0k5S05FGaoAiv
Static task: static1
Behavioral task: behavioral1
Sample: 3e29a2119ab8a8b91f189629966068c0_NeikiAnalytics.exe
Resource: win7-20240221-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
Target
3e29a2119ab8a8b91f189629966068c0_NeikiAnalytics.exe
Modifies firewall policy service

Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15
Privilege Escalation
  Abuse Elevation Control Mechanism (1)
    Bypass User Account Control (1)
  Create or Modify System Process (1)
    Windows Service (1)
Defense Evasion
  Abuse Elevation Control Mechanism (1)
    Bypass User Account Control (1)
  Impair Defenses (3)
    Disable or Modify Tools (3)
  Modify Registry (5)