5f70780cec36c972ca27aab04dd8682aa9889652b66dd49784b51622997f7e00 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

71500970438e9cf516be7c69ab75ba00_NeikiAnalytics
Size

353KB
Sample

240510-fbkejabf3z
MD5

71500970438e9cf516be7c69ab75ba00
SHA1

3ffe8f1486171cf75f766ace115a9f50463ff483
SHA256

5f70780cec36c972ca27aab04dd8682aa9889652b66dd49784b51622997f7e00
SHA512

b957ccf4710cef585fe4f9229f8a822c5919c37066de7b190d483a16a8d699c6def17dca733484acf05a235f7adbab1f15704128c1137db4efa506531b495a5d
SSDEEP

6144:UZT3k5umWrA7oSLvd5GrsHk42yqRfqOR/w0223zFe1vkdv/937EvyWv2:Uh3WukLF5g5JZ3eNkw2

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  71500970438e9cf516be7c69ab75ba00_NeikiAnalytics
- Size
  
  353KB
- MD5
  
  71500970438e9cf516be7c69ab75ba00
- SHA1
  
  3ffe8f1486171cf75f766ace115a9f50463ff483
- SHA256
  
  5f70780cec36c972ca27aab04dd8682aa9889652b66dd49784b51622997f7e00
- SHA512
  
  b957ccf4710cef585fe4f9229f8a822c5919c37066de7b190d483a16a8d699c6def17dca733484acf05a235f7adbab1f15704128c1137db4efa506531b495a5d
- SSDEEP
  
  6144:UZT3k5umWrA7oSLvd5GrsHk42yqRfqOR/w0223zFe1vkdv/937EvyWv2:Uh3WukLF5g5JZ3eNkw2
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2