4f208bb995d85ab396138915fd0b77ccee49c2700a6afbce2195df36f6188edd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

617efe5b27b3e1ad8cd87d5f437e8790_NeikiAnalytics
Size

63KB
Sample

240510-eaqz9aha2w
MD5

617efe5b27b3e1ad8cd87d5f437e8790
SHA1

e7fbbdc26f5418ec6f7308589588fe0b427cf09c
SHA256

4f208bb995d85ab396138915fd0b77ccee49c2700a6afbce2195df36f6188edd
SHA512

c2530b13e3c4240fc5afa525f0d79fc502a98b3a7b08011c1b5b1cac785d612c2afd159eb686929cef304ebd6255a5d86fdb158f45240944e8a3ca3b86a57b00
SSDEEP

768:UMTx4UIB3zmOFJkzh8S2qnw3nZeWWkiwB1/EPbExvXuBnRzg6Q1WZL1Ydu0n:HmBqSJQ4qnFJ+1/hZ2nRcV1Q5YJn

Score

7^/10

Malware Config

Targets

- Target
  
  617efe5b27b3e1ad8cd87d5f437e8790_NeikiAnalytics
- Size
  
  63KB
- MD5
  
  617efe5b27b3e1ad8cd87d5f437e8790
- SHA1
  
  e7fbbdc26f5418ec6f7308589588fe0b427cf09c
- SHA256
  
  4f208bb995d85ab396138915fd0b77ccee49c2700a6afbce2195df36f6188edd
- SHA512
  
  c2530b13e3c4240fc5afa525f0d79fc502a98b3a7b08011c1b5b1cac785d612c2afd159eb686929cef304ebd6255a5d86fdb158f45240944e8a3ca3b86a57b00
- SSDEEP
  
  768:UMTx4UIB3zmOFJkzh8S2qnw3nZeWWkiwB1/EPbExvXuBnRzg6Q1WZL1Ydu0n:HmBqSJQ4qnFJ+1/hZ2nRcV1Q5YJn
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2