adf1be1107c4f4bfcdf77c2fc5009dfc0a7ae2bbda74b91860749fb8142fc198 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5b39b194153df93d5666c7f40ee50430_NeikiAnalytics
Size

71KB
Sample

240509-rpp3qaea7t
MD5

5b39b194153df93d5666c7f40ee50430
SHA1

2af0ffbeae38d4ff6f1fbdc73c41f7cd4173f188
SHA256

adf1be1107c4f4bfcdf77c2fc5009dfc0a7ae2bbda74b91860749fb8142fc198
SHA512

8b1ee79f9f44a5705969df42645388fee2fe1cb8636447ac5851c91de0be82e58b183c4a701682e95f53a30a97e46eb7205be756a664c22d09bc39ce9420f408
SSDEEP

768:TrItKyw5WHXfQmjIiIk9ecAa0Mb96SyX1DLdRXXXE0006:Tr3Z5IfQmv81ar1yXtZI

Score

8^/10

evasion

Malware Config

Targets

- Target
  
  5b39b194153df93d5666c7f40ee50430_NeikiAnalytics
- Size
  
  71KB
- MD5
  
  5b39b194153df93d5666c7f40ee50430
- SHA1
  
  2af0ffbeae38d4ff6f1fbdc73c41f7cd4173f188
- SHA256
  
  adf1be1107c4f4bfcdf77c2fc5009dfc0a7ae2bbda74b91860749fb8142fc198
- SHA512
  
  8b1ee79f9f44a5705969df42645388fee2fe1cb8636447ac5851c91de0be82e58b183c4a701682e95f53a30a97e46eb7205be756a664c22d09bc39ce9420f408
- SSDEEP
  
  768:TrItKyw5WHXfQmjIiIk9ecAa0Mb96SyX1DLdRXXXE0006:Tr3Z5IfQmv81ar1yXtZI
Score

8^/10

evasion
- Sets file to hidden
  Modifies file attributes to stop it showing in Explorer etc.
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2