General
-
Target
5fe0d578bbbcf7c5f08003090775bba0_NeikiAnalytics.exe
-
Size
120KB
-
Sample
240519-dqmr4afe3t
-
MD5
5fe0d578bbbcf7c5f08003090775bba0
-
SHA1
dbffab12bf222acf6cd0075901f0c0dc0cd80b02
-
SHA256
0413b8de8e8d9a85550446d3db1fc3be6198fe63c79e756c108ecd04d06ae1f4
-
SHA512
66a68cf93a7f121a1fa9e1146df6d46d57fb31999c920547837dbc8408df014b6753e1eb24dde061a897017c8bf431f73cb4f9d37287db8dfbdf357550edce68
-
SSDEEP
3072:uEufQY5g+AMPkphwWtFrtsB7LCwcLaYy6:ZDSPkpxmHEaYy6
Static task
static1
Behavioral task
behavioral1
Sample
5fe0d578bbbcf7c5f08003090775bba0_NeikiAnalytics.dll
Resource
win7-20240419-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
-
Target
5fe0d578bbbcf7c5f08003090775bba0_NeikiAnalytics.exe
-
Modifies firewall policy service
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism (1)
Bypass User Account Control (1)
Create or Modify System Process (1)
Windows Service (1)
Defense Evasion
Abuse Elevation Control Mechanism (1)
Bypass User Account Control (1)
Impair Defenses (3)
Disable or Modify Tools (3)
Modify Registry (5)