General
-
Target
40fb036f8742c9af1429cc1e14e9981c421c053ccdf0e8d818f3c86edfd52c35_NeikiAnalytics.exe
-
Size
120KB
-
Sample
240626-dgs8hstelr
-
MD5
84f4050fd1593b82200e271a08c1ee00
-
SHA1
199e1cbbb896036295b79c73037c05b7dcbc107e
-
SHA256
40fb036f8742c9af1429cc1e14e9981c421c053ccdf0e8d818f3c86edfd52c35
-
SHA512
89ac87c5e158aac42566aa2144498590e5b6c4ee2f60dfdad86c71983676e1bdf2df41af6043c6854b5bb79ab577429ee2c0f67c8ec1fae1220fdc5143544208
-
SSDEEP
3072:533q5VRQpE9E5Us5Cy5mnT+W2NfE2C9IVw8ZWyLGD5EN6:lq5V/E5UhawyW2TC9qw8xLp
Static task
static1
Behavioral task
behavioral1
Sample
40fb036f8742c9af1429cc1e14e9981c421c053ccdf0e8d818f3c86edfd52c35_NeikiAnalytics.dll
Resource
win7-20240221-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
-
Target
40fb036f8742c9af1429cc1e14e9981c421c053ccdf0e8d818f3c86edfd52c35_NeikiAnalytics.exe
-
Modifies firewall policy service
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism (1)
Bypass User Account Control (1)
Create or Modify System Process (1)
Windows Service (1)
Defense Evasion
Abuse Elevation Control Mechanism (1)
Bypass User Account Control (1)
Impair Defenses (4)
Disable or Modify System Firewall (1)
Disable or Modify Tools (3)
Modify Registry (5)