e31a28bb8d6d7f518bf85f2d239a71ebce46fea086885c8ae00d30faaf65c19c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0a0a0375e08f66d331666eba898da2b0_NeikiAnalytics
Size

32KB
Sample

240510-z92w1sde32
MD5

0a0a0375e08f66d331666eba898da2b0
SHA1

ea42f3992e8892a487b649ec5ed0a438f5017b80
SHA256

e31a28bb8d6d7f518bf85f2d239a71ebce46fea086885c8ae00d30faaf65c19c
SHA512

d1d6a5d629795916fd3c989690884637801043f13da718551fd7045f1510e642724944de4f2bcfa6aae491ed1d66af4ce168538480e78bc4aeb51b812bbccc1d
SSDEEP

384:MApc8m4e0fvQak4JI341Cdabnk6hJPNVz:MApQr0fvdFJI34zTk6hJPNZ

Score

7^/10

Malware Config

Targets

- Target
  
  0a0a0375e08f66d331666eba898da2b0_NeikiAnalytics
- Size
  
  32KB
- MD5
  
  0a0a0375e08f66d331666eba898da2b0
- SHA1
  
  ea42f3992e8892a487b649ec5ed0a438f5017b80
- SHA256
  
  e31a28bb8d6d7f518bf85f2d239a71ebce46fea086885c8ae00d30faaf65c19c
- SHA512
  
  d1d6a5d629795916fd3c989690884637801043f13da718551fd7045f1510e642724944de4f2bcfa6aae491ed1d66af4ce168538480e78bc4aeb51b812bbccc1d
- SSDEEP
  
  384:MApc8m4e0fvQak4JI341Cdabnk6hJPNVz:MApQr0fvdFJI34zTk6hJPNZ
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2