General
-
Target
fc765bcc82fe5404cb1eb1c77fca01d0_NeikiAnalytics.exe
-
Size
120KB
-
Sample
240519-vnl68agg94
-
MD5
fc765bcc82fe5404cb1eb1c77fca01d0
-
SHA1
4787adb9df31db9e232123c113e53928a1dd078b
-
SHA256
4fd169508e018f6421c4ac11d8a3f79ea819557b54e9016ce69d38eb403b5a7c
-
SHA512
6bce75e9ea53a0cfcce59f378ce1caa1d9968b6f7eba22f7a7149091025fce99253e5a0b99b3d52672bdf11756a2d215bddc8462224dc24f4208bf3d1300e280
-
SSDEEP
3072:6E0PdUU2aGsd/xBAJ7c8ZC2l/VJe/Lag2vnESz4wX4:sSUcsdAiWC2lq/LagqDz4U4
Static task
static1
Behavioral task
behavioral1
Sample
fc765bcc82fe5404cb1eb1c77fca01d0_NeikiAnalytics.dll
Resource
win7-20240221-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
Target
fc765bcc82fe5404cb1eb1c77fca01d0_NeikiAnalytics.exe
-
Modifies firewall policy service
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Matrix (ATT&CK v13)
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Defense Evasion
Modify Registry: 5
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Impair Defenses: 3
Disable or Modify Tools: 3