05b55a8ed6498aa42dc7e78c1e91743a4227ad71d97598a1414d0d186b72afcd | Triage

Sharing

General

Target

a65094a9e06184dde589dc3bd7f59cd0_NeikiAnalytics
Size

80KB
Sample

240510-jp1kfsef96
MD5

a65094a9e06184dde589dc3bd7f59cd0
SHA1

5c5b39f5667ab31eed5cb46b0b9822587abfe521
SHA256

05b55a8ed6498aa42dc7e78c1e91743a4227ad71d97598a1414d0d186b72afcd
SHA512

c7c6c4a0178a58283e5a7ca74b6be7e5d36ac2c83c121f7599a928246d2c6cc4064b5424fcb3adb3d201a5300e69c85408277cc72a8312ec875bb37641ef3b70
SSDEEP

1536:3asQx7dBLwhrkISRd2u+nlB2p8yBVejX1eYS:3a4kvd2uA/A7BVejXMYS

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  a65094a9e06184dde589dc3bd7f59cd0_NeikiAnalytics
- Size
  
  80KB
- MD5
  
  a65094a9e06184dde589dc3bd7f59cd0
- SHA1
  
  5c5b39f5667ab31eed5cb46b0b9822587abfe521
- SHA256
  
  05b55a8ed6498aa42dc7e78c1e91743a4227ad71d97598a1414d0d186b72afcd
- SHA512
  
  c7c6c4a0178a58283e5a7ca74b6be7e5d36ac2c83c121f7599a928246d2c6cc4064b5424fcb3adb3d201a5300e69c85408277cc72a8312ec875bb37641ef3b70
- SSDEEP
  
  1536:3asQx7dBLwhrkISRd2u+nlB2p8yBVejX1eYS:3a4kvd2uA/A7BVejXMYS
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2