147e2036bbad28dd0960c346863747eb0269c019c83563389b401d599bc0f4e9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

234e6fc6ffe80d486693deeea918abe0_NeikiAnalytics
Size

5.7MB
Sample

240509-nlgqdshg47
MD5

234e6fc6ffe80d486693deeea918abe0
SHA1

440e08eea9b7865aa41ad67274c0064a1b3a2277
SHA256

147e2036bbad28dd0960c346863747eb0269c019c83563389b401d599bc0f4e9
SHA512

b62799b4a5fd299de385d28ce43db2eaf19975c3b261fd93de0f716725a9a7be7f689f1c31cabc4f8c6b7dc364cb48454fbd524ca45c273c25bcdcec2f831c31
SSDEEP

98304:0GT1354l1pJnboFmIa/MAPuq8PqzJhBXJnm2doHft9tLcFgvGx:wl1pxMPmYCDBXIlvqUGx

Score

7^/10

Malware Config

Targets

- Target
  
  234e6fc6ffe80d486693deeea918abe0_NeikiAnalytics
- Size
  
  5.7MB
- MD5
  
  234e6fc6ffe80d486693deeea918abe0
- SHA1
  
  440e08eea9b7865aa41ad67274c0064a1b3a2277
- SHA256
  
  147e2036bbad28dd0960c346863747eb0269c019c83563389b401d599bc0f4e9
- SHA512
  
  b62799b4a5fd299de385d28ce43db2eaf19975c3b261fd93de0f716725a9a7be7f689f1c31cabc4f8c6b7dc364cb48454fbd524ca45c273c25bcdcec2f831c31
- SSDEEP
  
  98304:0GT1354l1pJnboFmIa/MAPuq8PqzJhBXJnm2doHft9tLcFgvGx:wl1pxMPmYCDBXIlvqUGx
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2