General
-
Target
ca5c31ac97fef4c6142e866cce84de10_NeikiAnalytics.exe
-
Size
65KB
-
Sample
240519-qshmdaad73
-
MD5
ca5c31ac97fef4c6142e866cce84de10
-
SHA1
d60be2808f3b3f64b314fd8c2d1a1d963afc17dd
-
SHA256
889a59e2cca36d2b5547520749c9c8a09351b944a97f5ddd75aa2eee8537e4b9
-
SHA512
035036d7dc3e2774939f3417d01ea717357af3251d59730009738414b6bdcc9aa7e08ddabe5f5436abf7565ef40af6aa928176527b2525997b70e510fc2d421d
-
SSDEEP
1536:Wz8fRNuY7UcBWmUJgt7ZxbzJh0f7ICdonks:/2KWbmt1xBuICOb
Static task
static1
Behavioral task
behavioral1
Sample
ca5c31ac97fef4c6142e866cce84de10_NeikiAnalytics.exe
Resource
win7-20240419-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
-
Target
ca5c31ac97fef4c6142e866cce84de10_NeikiAnalytics.exe
-
Size
65KB
-
MD5
ca5c31ac97fef4c6142e866cce84de10
-
SHA1
d60be2808f3b3f64b314fd8c2d1a1d963afc17dd
-
SHA256
889a59e2cca36d2b5547520749c9c8a09351b944a97f5ddd75aa2eee8537e4b9
-
SHA512
035036d7dc3e2774939f3417d01ea717357af3251d59730009738414b6bdcc9aa7e08ddabe5f5436abf7565ef40af6aa928176527b2525997b70e510fc2d421d
-
SSDEEP
1536:Wz8fRNuY7UcBWmUJgt7ZxbzJh0f7ICdonks:/2KWbmt1xBuICOb
-
Modifies firewall policy service
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Create or Modify System Process
1Windows Service
1Defense Evasion
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Impair Defenses
3Disable or Modify Tools
3Modify Registry
5