8e1917621a13ff058f518f6b8b3c706dca293ad0a7cb2c219287beec4ca139b8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9a96a830a087e2f14e23cdfeb8153270_NeikiAnalytics
Size

15KB
Sample

240510-hw3gysch29
MD5

9a96a830a087e2f14e23cdfeb8153270
SHA1

f5e6715a334ec1d99abf8fd3c649131a5d9b441d
SHA256

8e1917621a13ff058f518f6b8b3c706dca293ad0a7cb2c219287beec4ca139b8
SHA512

7fc2a19b87d2ab06ff002896afe6660b29142c74f37625b00d4ce215376b78403c4f77012716da94dcb13063222935c9bcb3f926f915fd5f3281a5062fb0b498
SSDEEP

192:1RQ9GnwR2MBAsrzjR3OmaFAvtGVrvV8U4IN1OZ+kX48MdStZTRhX:ocnwR2MBLzV4atGVr9AMmdRh

Score

7^/10

Malware Config

Targets

- Target
  
  9a96a830a087e2f14e23cdfeb8153270_NeikiAnalytics
- Size
  
  15KB
- MD5
  
  9a96a830a087e2f14e23cdfeb8153270
- SHA1
  
  f5e6715a334ec1d99abf8fd3c649131a5d9b441d
- SHA256
  
  8e1917621a13ff058f518f6b8b3c706dca293ad0a7cb2c219287beec4ca139b8
- SHA512
  
  7fc2a19b87d2ab06ff002896afe6660b29142c74f37625b00d4ce215376b78403c4f77012716da94dcb13063222935c9bcb3f926f915fd5f3281a5062fb0b498
- SSDEEP
  
  192:1RQ9GnwR2MBAsrzjR3OmaFAvtGVrvV8U4IN1OZ+kX48MdStZTRhX:ocnwR2MBLzV4atGVr9AMmdRh
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2