General
Target: 8951b3e0a23ec95f9f7a0c278444e490_NeikiAnalytics.exe
Size: 65KB
Sample: 240519-gmz5ssdd7z
MD5: 8951b3e0a23ec95f9f7a0c278444e490
SHA1: 5b47371f8bc87e2b735c9a1ebfd95841a18f7a54
SHA256: 7dd6b7f12b15bd74e9f0b8682f07f0ae20c488f1bbb6b252409ed60870762aa1
SHA512: cbadbd7b623f72724c6f32c0fc4c667c3246836544ca46fb290a7601176dbac1e8a9eb467401bf7841cdd74283f27a8d4975cdf4d046fae2b32e47074a845195
SSDEEP: 1536:MOGtfIvMTC+GiGB8pgqxTmPhOgABAbvQY8:MOGSrB8pxToh1dW
Static task: static1
Behavioral task: behavioral1
Sample: 8951b3e0a23ec95f9f7a0c278444e490_NeikiAnalytics.exe
Resource: win7-20240221-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
Modifies firewall policy service
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
MITRE ATT&CK Matrix (ATT&CK v13)
Privilege Escalation
  Create or Modify System Process: 1
    Windows Service: 1
  Abuse Elevation Control Mechanism: 1
    Bypass User Account Control: 1
Defense Evasion
  Modify Registry: 5
  Abuse Elevation Control Mechanism: 1
    Bypass User Account Control: 1
  Impair Defenses: 3
    Disable or Modify Tools: 3