General
-
Target
0eb37d858cc3ea398efe5a4c03218820_NeikiAnalytics.exe
-
Size
120KB
-
Sample
240616-1lyecszard
-
MD5
0eb37d858cc3ea398efe5a4c03218820
-
SHA1
58ebe4f011551613dc67b3b0c1789a339c64cad5
-
SHA256
bb8b2f051eaa14c482d41085ddae978c464774d1dadaeda48ee993ba1602b308
-
SHA512
af96c3d06161bf7e64b698d28b73fb631df39f2b361d183527a5273a5f02f586676624026f06debf088ed1fc18382a3e57b7129c8e647fa10708ca47b793608f
-
SSDEEP
1536:O8fFqiB4BUaLz6hrOaMIU1XjhB6mAEom0zeWKEz1Hx7Rr2fwFfDrt2VTjkY:bIiQrLzJ1Xj365EjyeWR5R7ofQJqTB
Static task
static1
Behavioral task
behavioral1
Sample
0eb37d858cc3ea398efe5a4c03218820_NeikiAnalytics.dll
Resource
win7-20240508-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
-
Target
0eb37d858cc3ea398efe5a4c03218820_NeikiAnalytics.exe
-
Size
120KB
-
MD5
0eb37d858cc3ea398efe5a4c03218820
-
SHA1
58ebe4f011551613dc67b3b0c1789a339c64cad5
-
SHA256
bb8b2f051eaa14c482d41085ddae978c464774d1dadaeda48ee993ba1602b308
-
SHA512
af96c3d06161bf7e64b698d28b73fb631df39f2b361d183527a5273a5f02f586676624026f06debf088ed1fc18382a3e57b7129c8e647fa10708ca47b793608f
-
SSDEEP
1536:O8fFqiB4BUaLz6hrOaMIU1XjhB6mAEom0zeWKEz1Hx7Rr2fwFfDrt2VTjkY:bIiQrLzJ1Xj365EjyeWR5R7ofQJqTB
-
Modifies firewall policy service
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Matrix ATT&CK v13
Privilege Escalation
Create or Modify System Process
1Windows Service
1Abuse Elevation Control Mechanism
1Bypass User Account Control
1Defense Evasion
Modify Registry
5Abuse Elevation Control Mechanism
1Bypass User Account Control
1Impair Defenses
3Disable or Modify Tools
3