General

  • Target

    1751d237603d0f7f861af5f017aae2481db1cb2894369808eea83b4397c051ea_NeikiAnalytics.exe

  • Size

    284KB

  • Sample

    240619-3ef8ls1dnq

  • MD5

    3972895a6dbf0fdadf1c1dd142cdc0a0

  • SHA1

    410e5bea0c64264a8f82d8428b0e26de53f22d3b

  • SHA256

    1751d237603d0f7f861af5f017aae2481db1cb2894369808eea83b4397c051ea

  • SHA512

    ea4e3e94ceb801710a79aafa1f086aad0768c7965cf2c6f0656a284fd3873ef88749f9e0ef904440b38f5c33693a25f224a8e53e2bf9664dc67e34fd4fc56cf2

  • SSDEEP

    6144:QgjTffsAeph79dcGd3dR7Fuy7LILqkbJkQlout+1z/5H4NMbr:QgjLUAeph79dcK3dR7i4uTtAD5HQMbr

Malware Config

Extracted

Family

sality

C2

http://89.119.67.154/testo5/

http://kukutrustnet777.info/home.gif

http://kukutrustnet888.info/home.gif

http://kukutrustnet987.info/home.gif

Targets

    • Target

      1751d237603d0f7f861af5f017aae2481db1cb2894369808eea83b4397c051ea_NeikiAnalytics.exe

    • Size

      284KB

    • MD5

      3972895a6dbf0fdadf1c1dd142cdc0a0

    • SHA1

      410e5bea0c64264a8f82d8428b0e26de53f22d3b

    • SHA256

      1751d237603d0f7f861af5f017aae2481db1cb2894369808eea83b4397c051ea

    • SHA512

      ea4e3e94ceb801710a79aafa1f086aad0768c7965cf2c6f0656a284fd3873ef88749f9e0ef904440b38f5c33693a25f224a8e53e2bf9664dc67e34fd4fc56cf2

    • SSDEEP

      6144:QgjTffsAeph79dcGd3dR7Fuy7LILqkbJkQlout+1z/5H4NMbr:QgjLUAeph79dcK3dR7i4uTtAD5HQMbr

MITRE ATT&CK Matrix ATT&CK v13

Persistence

Create or Modify System Process

1
T1543

Windows Service

1
T1543.003

Privilege Escalation

Create or Modify System Process

1
T1543

Windows Service

1
T1543.003

Abuse Elevation Control Mechanism

1
T1548

Bypass User Account Control

1
T1548.002

Defense Evasion

Modify Registry

5
T1112

Impair Defenses

4
T1562

Disable or Modify Tools

3
T1562.001

Disable or Modify System Firewall

1
T1562.004

Abuse Elevation Control Mechanism

1
T1548

Bypass User Account Control

1
T1548.002

Discovery

System Information Discovery

1
T1082

Tasks