General
-
Target
72452644ee36bfba9e27d92b40b7ace0_NeikiAnalytics.exe
-
Size
120KB
-
Sample
240531-xajv2sha7y
-
MD5
72452644ee36bfba9e27d92b40b7ace0
-
SHA1
7c7b0afeaf1ba8990701cdc858c720d9355b255d
-
SHA256
94e35176a62a72c4c6e554adf3c4780566fe613273a8751c7fca089ffa03242f
-
SHA512
238c6e4a790674b00c8a9edd770d405a99323444c9866bba0a2ca6578c894da49ca8a5283546f93c1255ea38a8ce3068e7777b2168f1110fe2f447c5faf3dde5
-
SSDEEP
3072:bpy82/uCpQ+gfyeMLYyw7ds5MA+aYxYHLPoL:4/7pNIyBQ725MA+vxYrP
Static task
static1
Behavioral task
behavioral1
Sample
72452644ee36bfba9e27d92b40b7ace0_NeikiAnalytics.dll
Resource
win7-20240215-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
Target
72452644ee36bfba9e27d92b40b7ace0_NeikiAnalytics.exe
-
Modifies firewall policy service
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Create or Modify System Process: 1
Windows Service: 1
Defense Evasion
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Impair Defenses: 3
Disable or Modify Tools: 3
Modify Registry: 5