General
Target: cff9cd0b86c004879f6b7531427adc70_NeikiAnalytics.exe
Size: 120KB
Sample: 240519-q8vxmsah75
MD5: cff9cd0b86c004879f6b7531427adc70
SHA1: ffe712f93b238b4338c5e2c907880cedd87f49bc
SHA256: 48999ea27b785e20a46131a9949bcb8ec2cc0ba3121b46b0662f7d8cae2519fb
SHA512: deba332350e593de1c28ae87a46af226c5a1eb6a40cbbe02875eca1a5279400cc75e3658cde6ceff842434fd914586b25c3d5b20889d20f7d1ef5573a08ece88
SSDEEP: 3072:rX03NLm4wulNaEl0F7p78LXG2mi9Jx88bWdI9fdMW:jYNH70FpgLXG251CdIBX
Static task: static1
Behavioral task: behavioral1
Sample: cff9cd0b86c004879f6b7531427adc70_NeikiAnalytics.dll
Resource: win7-20231129-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
Target
cff9cd0b86c004879f6b7531427adc70_NeikiAnalytics.exe
Modifies firewall policy service
Executes dropped EXE
Loads dropped DLL
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Create or Modify System Process: 1
Windows Service: 1
Defense Evasion
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Impair Defenses: 3
Disable or Modify Tools: 3
Modify Registry: 5