7c5b75103dc2dcf0b9eec13209ef568d0f33a2f40e70279277c4a8fe23050a8b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

38e752a207e6d8fe92b525439ca0f020_NeikiAnalytics
Size

224KB
Sample

240510-blp1jsab3s
MD5

38e752a207e6d8fe92b525439ca0f020
SHA1

bf79b31577ea5ca10f7f4f89b781c2c91668a0fb
SHA256

7c5b75103dc2dcf0b9eec13209ef568d0f33a2f40e70279277c4a8fe23050a8b
SHA512

8afa5e2e24a84e75d3fa9564da2f495d27b745a0bf17a58e17d3399151b923fb1b19cb0dcbf20ed3998bd43c33e413fc83c12f44a3ca7888726be5965d66a379
SSDEEP

3072:G0aKR9zi3BhCjG8G3GbGVGBGfGuGxGWYcrf6Kadk:G0jRaBAYcD6Kad

Score

7^/10

Malware Config

Targets

- Target
  
  38e752a207e6d8fe92b525439ca0f020_NeikiAnalytics
- Size
  
  224KB
- MD5
  
  38e752a207e6d8fe92b525439ca0f020
- SHA1
  
  bf79b31577ea5ca10f7f4f89b781c2c91668a0fb
- SHA256
  
  7c5b75103dc2dcf0b9eec13209ef568d0f33a2f40e70279277c4a8fe23050a8b
- SHA512
  
  8afa5e2e24a84e75d3fa9564da2f495d27b745a0bf17a58e17d3399151b923fb1b19cb0dcbf20ed3998bd43c33e413fc83c12f44a3ca7888726be5965d66a379
- SSDEEP
  
  3072:G0aKR9zi3BhCjG8G3GbGVGBGfGuGxGWYcrf6Kadk:G0jRaBAYcD6Kad
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2