General
Target: 36bd29b2380b3aaf78ca9f9173aebc70_NeikiAnalytics.exe
Size: 120KB
Sample: 240611-qybe9ayhmj
MD5: 36bd29b2380b3aaf78ca9f9173aebc70
SHA1: e1e03ee147481bf7972a745f0e932a901a9c9c94
SHA256: 2576097534d254123057e933fa696325b8c9a55b86c895cd9ed29853f47fa919
SHA512: 176e0bf6f7bade4e96efd63357ce113e3aa999f2425f07d0fe07aa14fdc572b3d8b7fa434986da219c606b564a766100b166f7507b5a7e3a0c61005d434fd750
SSDEEP: 1536:6IauEL5FM1jTDJil9/NJ2H7baaUGuAAJJYno39L3YOV5vGMDqtLonb7b:Jauf1fNm/H2vvuAAJ6o3JYwaLobn
Static task
static1
Behavioral task
behavioral1
Sample
36bd29b2380b3aaf78ca9f9173aebc70_NeikiAnalytics.dll
Resource
win7-20240215-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
Target: 36bd29b2380b3aaf78ca9f9173aebc70_NeikiAnalytics.exe
Modifies firewall policy service
Executes dropped EXE
Loads dropped DLL
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
MITRE ATT&CK Matrix ATT&CK v13
Privilege Escalation
Create or Modify System Process (1)
Windows Service (1)
Abuse Elevation Control Mechanism (1)
Bypass User Account Control (1)
Defense Evasion
Modify Registry (5)
Abuse Elevation Control Mechanism (1)
Bypass User Account Control (1)
Impair Defenses (3)
Disable or Modify Tools (3)