General
Target: 578c68a7df9338487e998a78474257b81982c8121c37b74f973a3c0b8a974cc1_NeikiAnalytics
Size: 97KB
Sample: 240521-qxq5bafh51
MD5: 4061e4ff0fc30bf24804819db578cf90
SHA1: 8d2c4f65da42dcf293d49353c326feb7514b6f37
SHA256: 578c68a7df9338487e998a78474257b81982c8121c37b74f973a3c0b8a974cc1
SHA512: 13080265e09a4bb78a22e07d57e7b76b39eede86a5a658bfd82761fb336e3a7451ea53da6addfccdcfd2508db69fe0a962e27e64d594930e4a2ab9a47081bb35
SSDEEP: 1536:iL+EBbWkWhkAfTqL2evDa7MCc2fsVB0bJA8ONRuZgjyGR/E2/h1RRWW:ilBCx7m6EE6BQAPLmQxqW
Static task
static1
Behavioral task
behavioral1
Sample
578c68a7df9338487e998a78474257b81982c8121c37b74f973a3c0b8a974cc1_NeikiAnalytics.exe
Resource
win7-20240221-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
Target
578c68a7df9338487e998a78474257b81982c8121c37b74f973a3c0b8a974cc1_NeikiAnalytics
Modifies firewall policy service

Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Matrix (ATT&CK v13)
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Defense Evasion
Modify Registry: 5
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Impair Defenses: 3
Disable or Modify Tools: 3