General
-
Target
55ca73fab716fa0c3e4b6644c452cba74cada2c6cded76d041e6892123f23394_NeikiAnalytics
-
Size
65KB
-
Sample
240521-qrgzfsff5x
-
MD5
96eaf008825a6444cfc27aa7a459b400
-
SHA1
85dd1db43931ac023c897fdcf9c67d5021e9d0d5
-
SHA256
55ca73fab716fa0c3e4b6644c452cba74cada2c6cded76d041e6892123f23394
-
SHA512
b562dfabc1cafaa5f56996d85c1d316da07abfae5ba06c0627d2a4c10c923baa338d618f328b677d8c701375df23510fe29d20f72db2fe13074b6a0cd5019203
-
SSDEEP
768:PJS/QNezf0EBI0X8ZlqvN7sh6t0IT11KVp7BtzT6KGBbYdWpYm5ANknXFHXguXX/:jGftmIwMeYWuO3TTdW3nZXgECoOUPJp
Static task
static1
Behavioral task
behavioral1
Sample
55ca73fab716fa0c3e4b6644c452cba74cada2c6cded76d041e6892123f23394_NeikiAnalytics.exe
Resource
win7-20240508-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
-
Target
55ca73fab716fa0c3e4b6644c452cba74cada2c6cded76d041e6892123f23394_NeikiAnalytics
-
Modifies firewall policy service
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Matrix (ATT&CK v13)
Privilege Escalation
  Create or Modify System Process: 1
    Windows Service: 1
  Abuse Elevation Control Mechanism: 1
    Bypass User Account Control: 1
Defense Evasion
  Modify Registry: 5
  Abuse Elevation Control Mechanism: 1
    Bypass User Account Control: 1
  Impair Defenses: 3
    Disable or Modify Tools: 3