General
-
Target
307ae20135569c40cb81f59439435120_NeikiAnalytics.exe
-
Size
120KB
-
Sample
240522-qg979acf58
-
MD5
307ae20135569c40cb81f59439435120
-
SHA1
7bcc3bfc50c6fe7c1bb9e8a426cc6c7ed42d413c
-
SHA256
58df822db4951c4f3478ffa26f48e6edbbc0b2abf85117822f62d58139a657b2
-
SHA512
1b124c9a8ac9e1c3e79f9efe12d4981e155792b19c34e510bbfa9737fc0981e5555f1495c38c684d34a02d2da78bc2fe33a709e909529627d266dc7a11b33dc8
-
SSDEEP
1536:iTDoLpkUDESZ2mE1/rhv9bSE3x5s+5UY5jpP2Jlwly9/4+lB2kD:ysLGUDijRJwMPwV9A+lB/
Static task
static1
Behavioral task
behavioral1
Sample
307ae20135569c40cb81f59439435120_NeikiAnalytics.dll
Resource
win7-20240508-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
-
Target
307ae20135569c40cb81f59439435120_NeikiAnalytics.exe
-
Size
120KB
-
MD5
307ae20135569c40cb81f59439435120
-
SHA1
7bcc3bfc50c6fe7c1bb9e8a426cc6c7ed42d413c
-
SHA256
58df822db4951c4f3478ffa26f48e6edbbc0b2abf85117822f62d58139a657b2
-
SHA512
1b124c9a8ac9e1c3e79f9efe12d4981e155792b19c34e510bbfa9737fc0981e5555f1495c38c684d34a02d2da78bc2fe33a709e909529627d266dc7a11b33dc8
-
SSDEEP
1536:iTDoLpkUDESZ2mE1/rhv9bSE3x5s+5UY5jpP2Jlwly9/4+lB2kD:ysLGUDijRJwMPwV9A+lB/
-
Modifies firewall policy service
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Matrix ATT&CK v13
Privilege Escalation
Create or Modify System Process
1Windows Service
1Abuse Elevation Control Mechanism
1Bypass User Account Control
1Defense Evasion
Modify Registry
5Abuse Elevation Control Mechanism
1Bypass User Account Control
1Impair Defenses
3Disable or Modify Tools
3