2a8e1a8b9d75e6f2e9c355ae6f6c3009a8ca6f9f1f5071a042d3e07a45c28a45 | Triage

Sharing

General

Target

1acac53a42b94d3fb5b0cf07ac8c3720_NeikiAnalytics
Size

12KB
Sample

240510-tlxphaeb3s
MD5

1acac53a42b94d3fb5b0cf07ac8c3720
SHA1

3ca37bf4f0e186e3bbc7cb463db3a2b549db2b16
SHA256

2a8e1a8b9d75e6f2e9c355ae6f6c3009a8ca6f9f1f5071a042d3e07a45c28a45
SHA512

a9be5245e3c37db6cdda93c2b66c833998d7687f894f9df4a147d42dc61296073c6f641e28eb14fe8fa93ec164c698f69a3a8878f4eb68f5af90b138815a4d0c
SSDEEP

384:LL7li/2zUq2DcEQvdhcJKLTp/NK9xazH5:fIM/Q9czH5

Score

7^/10

Malware Config

Targets

- Target
  
  1acac53a42b94d3fb5b0cf07ac8c3720_NeikiAnalytics
- Size
  
  12KB
- MD5
  
  1acac53a42b94d3fb5b0cf07ac8c3720
- SHA1
  
  3ca37bf4f0e186e3bbc7cb463db3a2b549db2b16
- SHA256
  
  2a8e1a8b9d75e6f2e9c355ae6f6c3009a8ca6f9f1f5071a042d3e07a45c28a45
- SHA512
  
  a9be5245e3c37db6cdda93c2b66c833998d7687f894f9df4a147d42dc61296073c6f641e28eb14fe8fa93ec164c698f69a3a8878f4eb68f5af90b138815a4d0c
- SSDEEP
  
  384:LL7li/2zUq2DcEQvdhcJKLTp/NK9xazH5:fIM/Q9czH5
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2