General
-
Target
0f3cd7ff844b8c42f056f83755690530_NeikiAnalytics.exe
-
Size
65KB
-
Sample
240519-wnz9hsag2s
-
MD5
0f3cd7ff844b8c42f056f83755690530
-
SHA1
c995922a56dc0e75eb7dd5655782d1594c1fa957
-
SHA256
07c70032676231b6d4682e26c7f675059e1392660cd054374b5f4fb54d7df9f5
-
SHA512
da14ff552e161f436f68a45e6f1d78643b870738d076b984ee5db1601dee8ffc1c80ef963ca9fe2e7205270690476361a4220b131017c365c2996fa9d530ca4f
-
SSDEEP
1536:j1WNDxp3NFaoZql/GVK+KdQKLpnmX0Lgn9K+:5qf3bJql/GVKnQKLdmX0Lg9K+
Static task
static1
Behavioral task
behavioral1
Sample
0f3cd7ff844b8c42f056f83755690530_NeikiAnalytics.exe
Resource
win7-20231129-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
-
Target
0f3cd7ff844b8c42f056f83755690530_NeikiAnalytics.exe
-
Modifies firewall policy service
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
MITRE ATT&CK Matrix (ATT&CK v13)
Privilege Escalation
  Create or Modify System Process (1)
    Windows Service (1)
  Abuse Elevation Control Mechanism (1)
    Bypass User Account Control (1)
Defense Evasion
  Modify Registry (5)
  Abuse Elevation Control Mechanism (1)
    Bypass User Account Control (1)
  Impair Defenses (3)
    Disable or Modify Tools (3)