General
-
Target
a37ab2e35adf0fafc63057fe366ef460_NeikiAnalytics.exe
-
Size
97KB
-
Sample
240519-jjmreaha5w
-
MD5
a37ab2e35adf0fafc63057fe366ef460
-
SHA1
424771b1e97c0a3bd1fff6405577417cf4be4f3e
-
SHA256
7e14dd691a0ec83442b7ab0dfba5fcdc36dae27d4b1ca69651ca61728199466f
-
SHA512
1c21e7cdf05b60fa0e3f21a1154d90f091d0a4d40863049f356a11dcfb945c335a77e7529167f9d6033ff0181f0a728c8beb6fa69977c30d3d82d3a5e7cdc0ac
-
SSDEEP
3072:NYBfafXXWYuZDCtzg7qx9GQziD7MP/zz:NMWsDCtzATtEr
Static task
static1
Behavioral task
behavioral1
Sample
a37ab2e35adf0fafc63057fe366ef460_NeikiAnalytics.exe
Resource
win7-20240221-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
-
Target
a37ab2e35adf0fafc63057fe366ef460_NeikiAnalytics.exe
-
Modifies firewall policy service
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Create or Modify System Process: 1
Windows Service: 1
Defense Evasion
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Impair Defenses: 3
Disable or Modify Tools: 3
Modify Registry: 5