9edbd31f8775ea76c21b4710578e1c0385ed5c8c53faa674f7a07069d72efac2 | Triage

Sharing

General

Target

112ca0b73bfe609c70672e0254aefd00_NeikiAnalytics
Size

12KB
Sample

240510-syylwscg7t
MD5

112ca0b73bfe609c70672e0254aefd00
SHA1

8bab4131e97517048efcdd646ae918381a0a6013
SHA256

9edbd31f8775ea76c21b4710578e1c0385ed5c8c53faa674f7a07069d72efac2
SHA512

eb4217de61f8fcb1b1f32c480f7bf321cfc28cf24e2f7ec5fd7083f1d7f53f59cb7e3979d011ad950ac9ba42e7647c2e6817f608f29967f996d25a2719070a68
SSDEEP

384:DL7li/2ziq2DcEQvdhcJKLTp/NK9xaY+th:HSM/Q9cY+th

Score

7^/10

Malware Config

Targets

- Target
  
  112ca0b73bfe609c70672e0254aefd00_NeikiAnalytics
- Size
  
  12KB
- MD5
  
  112ca0b73bfe609c70672e0254aefd00
- SHA1
  
  8bab4131e97517048efcdd646ae918381a0a6013
- SHA256
  
  9edbd31f8775ea76c21b4710578e1c0385ed5c8c53faa674f7a07069d72efac2
- SHA512
  
  eb4217de61f8fcb1b1f32c480f7bf321cfc28cf24e2f7ec5fd7083f1d7f53f59cb7e3979d011ad950ac9ba42e7647c2e6817f608f29967f996d25a2719070a68
- SSDEEP
  
  384:DL7li/2ziq2DcEQvdhcJKLTp/NK9xaY+th:HSM/Q9cY+th
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2