ac78ae6859e76adecb9a7d3832fcd7d78ecda878e47c1d747954bc5f17bf74f8 | Triage

Sharing

General

Target

4a2b844cc3569863df29389496680c10_NeikiAnalytics
Size

12KB
Sample

240510-xmg7zsfc74
MD5

4a2b844cc3569863df29389496680c10
SHA1

485d6c18331112391d7ae64e6d35728fb10c3331
SHA256

ac78ae6859e76adecb9a7d3832fcd7d78ecda878e47c1d747954bc5f17bf74f8
SHA512

5a5329a4a19ec550b42d34b5581071a85b30c42890decfd1da67f92f70fc16f529b2d8b98edde470968924eb8f8706b8c802b7afa2f5b89c6611001cfb3c9cf1
SSDEEP

384:FL7li/2ztq2DcEQvdhcJKLTp/NK9xado:FtM/Q9cdo

Score

7^/10

Malware Config

Targets

- Target
  
  4a2b844cc3569863df29389496680c10_NeikiAnalytics
- Size
  
  12KB
- MD5
  
  4a2b844cc3569863df29389496680c10
- SHA1
  
  485d6c18331112391d7ae64e6d35728fb10c3331
- SHA256
  
  ac78ae6859e76adecb9a7d3832fcd7d78ecda878e47c1d747954bc5f17bf74f8
- SHA512
  
  5a5329a4a19ec550b42d34b5581071a85b30c42890decfd1da67f92f70fc16f529b2d8b98edde470968924eb8f8706b8c802b7afa2f5b89c6611001cfb3c9cf1
- SSDEEP
  
  384:FL7li/2ztq2DcEQvdhcJKLTp/NK9xado:FtM/Q9cdo
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2