General
-
Target
a3e746af78e8788d0a03046e39c7c7f0_NeikiAnalytics.exe
-
Size
4.5MB
-
Sample
240619-h7c2fawfqc
-
MD5
a3e746af78e8788d0a03046e39c7c7f0
-
SHA1
eb27a71af49805c1a3cd82a8a3f77ceb123f8dee
-
SHA256
c6fd2be74f576a7159b0db5079d01a1eb9c774df567a1dff4762dec9cb62f1ae
-
SHA512
ddb99154ace2c6e1fcee4616b58d31d074d996959a2da9c93b5fb128618610b092d15ca63c0ffc67f60d061f52f7687e8a677342aa07da1171f0869c146ad314
-
SSDEEP
49152:D7r7U757m7d757ORGQw7n7RF/1787QW7s7k7V7ng7C7W97c797PNPKxrgykbcXtp:FDVYWcNPK+ykbcXtL/bftrgplRgsGRLt
Static task
static1
Behavioral task
behavioral1
Sample
a3e746af78e8788d0a03046e39c7c7f0_NeikiAnalytics.exe
Resource
win7-20240220-en
Malware Config
Extracted
sality
Targets
Target
a3e746af78e8788d0a03046e39c7c7f0_NeikiAnalytics.exe
-
Modifies firewall policy service
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Matrix ATT&CK v13
Privilege Escalation
Create or Modify System Process: 1
Windows Service: 1
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Defense Evasion
Modify Registry: 5
Impair Defenses: 4
Disable or Modify Tools: 3
Disable or Modify System Firewall: 1
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1