General
-
Target
5a47d2d29fda597a9e77ee4774fd145b85e2cb1316ed6894b1dd534b06c003bd_NeikiAnalytics.exe
-
Size
65KB
-
Sample
240626-gqapba1hjn
-
MD5
1f1fff577d7a07bd0e4d665b9630aba0
-
SHA1
8a3424ac74a6d822afe6c74b4d265a08f782baef
-
SHA256
5a47d2d29fda597a9e77ee4774fd145b85e2cb1316ed6894b1dd534b06c003bd
-
SHA512
7f7f5f69ca2d3b5f4281ad2ec690f7e5ba4135d71d44e82b28e2d32bd6d52e3de15cb637f16ddf62dca43a1e12195f4ca92b4d1835b02d52d1e54e33d07169f0
-
SSDEEP
1536:0l+oE7Ik3aVHtRxUcKglVk58oV/c5u7bvRKvc:0l+o6ICaVHzuFV/cw7bvF
Static task
static1
Behavioral task
behavioral1
Sample
5a47d2d29fda597a9e77ee4774fd145b85e2cb1316ed6894b1dd534b06c003bd_NeikiAnalytics.exe
Resource
win7-20231129-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
Targets
-
-
Target
5a47d2d29fda597a9e77ee4774fd145b85e2cb1316ed6894b1dd534b06c003bd_NeikiAnalytics.exe
-
Modifies firewall policy service
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Abuse Elevation Control Mechanism: 1
    Bypass User Account Control: 1
  Create or Modify System Process: 1
    Windows Service: 1
Defense Evasion
  Abuse Elevation Control Mechanism: 1
    Bypass User Account Control: 1
  Impair Defenses: 4
    Disable or Modify System Firewall: 1
    Disable or Modify Tools: 3
  Modify Registry: 5