aa463b5781f758519d43660a29a7b3843e91e9afc5ea61f2de3e80b5fb27ba2d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3ef6543d81ea215d7a50e469c8b40900_NeikiAnalytics
Size

12KB
Sample

240511-1r2nzaah3s
MD5

3ef6543d81ea215d7a50e469c8b40900
SHA1

3351d1650937ef4c73fa38193f10b4c61826254a
SHA256

aa463b5781f758519d43660a29a7b3843e91e9afc5ea61f2de3e80b5fb27ba2d
SHA512

ebd5139d3743905e4570472f9442b8a9d9016c9b9b845d7ec43808d9441fc026f60bc09a78a2d05a36be6418e3afa48929d503b08a82ab38d8914b124531ea3a
SSDEEP

384:ZL7li/2z2q2DcEQvdQcJKLTp/NK9xaF1:pGMCQ9cF1

Score

7^/10

Malware Config

Targets

- Target
  
  3ef6543d81ea215d7a50e469c8b40900_NeikiAnalytics
- Size
  
  12KB
- MD5
  
  3ef6543d81ea215d7a50e469c8b40900
- SHA1
  
  3351d1650937ef4c73fa38193f10b4c61826254a
- SHA256
  
  aa463b5781f758519d43660a29a7b3843e91e9afc5ea61f2de3e80b5fb27ba2d
- SHA512
  
  ebd5139d3743905e4570472f9442b8a9d9016c9b9b845d7ec43808d9441fc026f60bc09a78a2d05a36be6418e3afa48929d503b08a82ab38d8914b124531ea3a
- SSDEEP
  
  384:ZL7li/2z2q2DcEQvdQcJKLTp/NK9xaF1:pGMCQ9cF1
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2