General
-
Target
82818fbf7dc585e324b26dfba57f60f0_NeikiAnalytics.exe
-
Size
65KB
-
Sample
240523-dz43qscd45
-
MD5
82818fbf7dc585e324b26dfba57f60f0
-
SHA1
e2566ec19f079fcd95bb5cfc8796a3aff5324973
-
SHA256
d48659dadef93ff03295e258e0d73c9ae01cc5f8aedd07da11518cb371b42a48
-
SHA512
147903b6c56608e712a7eb1a4b4e5d5020eaf28c740ac8b27ad8115517087d18af04dabb27f2168e1b89b54bfa14bd18ac96d7f78122501ea278311e33619d9a
-
SSDEEP
1536:kOkb5DODXXE6Svs9MdvAIbGogzgYQJWqZ0yO5kZ0L:MbkzKs9Md4IXfJjZ0yOt
Static task
static1
Behavioral task
behavioral1
Sample
82818fbf7dc585e324b26dfba57f60f0_NeikiAnalytics.exe
Resource
win7-20240221-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
-
Target
82818fbf7dc585e324b26dfba57f60f0_NeikiAnalytics.exe
-
Modifies firewall policy service
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Matrix ATT&CK v13
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Defense Evasion
Modify Registry: 5
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Impair Defenses: 3
Disable or Modify Tools: 3