General
-
Target
71d67ca91f50c49ae4fe5b43029d9d33b49573e2ebb29729a54801cdf87744d7_NeikiAnalytics.exe
-
Size
120KB
-
Sample
240625-sz8hgsyapf
-
MD5
fb6021762fd5eed88cf1db572243ff80
-
SHA1
4ef082718ae037a4f445c767759a3575b19c5652
-
SHA256
71d67ca91f50c49ae4fe5b43029d9d33b49573e2ebb29729a54801cdf87744d7
-
SHA512
e21c18c5d1cc42dd8f1fa816c419330ed7992d11492027f039aa78436f4316023d77a7b5b33cb13ff68dcbb2869ebeb2fcdd0fdff0a37a61fa3ff67a57f89684
-
SSDEEP
3072:lGjrq4cSMxljN4vVM5si4brtxNFqlYsO06ZW:lGqiQN15sbZxNFMLcZW
Static task
static1
Behavioral task
behavioral1
Sample
71d67ca91f50c49ae4fe5b43029d9d33b49573e2ebb29729a54801cdf87744d7_NeikiAnalytics.dll
Resource
win7-20240221-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
-
Target
71d67ca91f50c49ae4fe5b43029d9d33b49573e2ebb29729a54801cdf87744d7_NeikiAnalytics.exe
-
Modifies firewall policy service
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism (1)
Bypass User Account Control (1)
Create or Modify System Process (1)
Windows Service (1)
Defense Evasion
Abuse Elevation Control Mechanism (1)
Bypass User Account Control (1)
Impair Defenses (4)
Disable or Modify System Firewall (1)
Disable or Modify Tools (3)
Modify Registry (5)