2a57f8be01099bd445adf58cac6fa89c70e7798635e167911d392921080ba638 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3202af4027e39bdcc327a64f29b31920_NeikiAnalytics
Size

43KB
Sample

240510-v36jeaha9w
MD5

3202af4027e39bdcc327a64f29b31920
SHA1

41e181616cc9ba2a2a2c73332e5787a5e51cc2e9
SHA256

2a57f8be01099bd445adf58cac6fa89c70e7798635e167911d392921080ba638
SHA512

48f55a4527251e7e7c3fceeb96fe25f4fbc8ce06d1d75e5a7b7ae31c10c35531417f875c12b026d6477a2a19991ab725b405958aae029d70a07233868397a659
SSDEEP

768:b/yC4GyNM01GuQMNXw2PSjHPbSuYlW8PAe:b/pYayGig5HjS3NPAe

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  3202af4027e39bdcc327a64f29b31920_NeikiAnalytics
- Size
  
  43KB
- MD5
  
  3202af4027e39bdcc327a64f29b31920
- SHA1
  
  41e181616cc9ba2a2a2c73332e5787a5e51cc2e9
- SHA256
  
  2a57f8be01099bd445adf58cac6fa89c70e7798635e167911d392921080ba638
- SHA512
  
  48f55a4527251e7e7c3fceeb96fe25f4fbc8ce06d1d75e5a7b7ae31c10c35531417f875c12b026d6477a2a19991ab725b405958aae029d70a07233868397a659
- SSDEEP
  
  768:b/yC4GyNM01GuQMNXw2PSjHPbSuYlW8PAe:b/pYayGig5HjS3NPAe
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2