055f8e02bf1fda8b4d8fc3135032b325c65167bcebc77d483e06035a0ac0c129 | Triage

Sharing

General

Target

649ee1cb7a0c9a02b93e32b77cab4750_NeikiAnalytics
Size

71KB
Sample

240511-dh8placc58
MD5

649ee1cb7a0c9a02b93e32b77cab4750
SHA1

23f17db5daeffc5c598eab9a59d24cf32b9f8a08
SHA256

055f8e02bf1fda8b4d8fc3135032b325c65167bcebc77d483e06035a0ac0c129
SHA512

fa3647270be1b8265053b9960469a163c25f741b2279548eca3074cd59de9ae41681a3a44c0d0bdc2e78f07bd0da8fa8b0c8a19f6188ac1821d6604c2745ed3a
SSDEEP

768:TrItKyw5WHXfQmjIiIk9ecAa0Mb96SyX1DLdRXXX5:Tr3Z5IfQmv81ar1yXtZn

Score

8^/10

evasion

Malware Config

Targets

- Target
  
  649ee1cb7a0c9a02b93e32b77cab4750_NeikiAnalytics
- Size
  
  71KB
- MD5
  
  649ee1cb7a0c9a02b93e32b77cab4750
- SHA1
  
  23f17db5daeffc5c598eab9a59d24cf32b9f8a08
- SHA256
  
  055f8e02bf1fda8b4d8fc3135032b325c65167bcebc77d483e06035a0ac0c129
- SHA512
  
  fa3647270be1b8265053b9960469a163c25f741b2279548eca3074cd59de9ae41681a3a44c0d0bdc2e78f07bd0da8fa8b0c8a19f6188ac1821d6604c2745ed3a
- SSDEEP
  
  768:TrItKyw5WHXfQmjIiIk9ecAa0Mb96SyX1DLdRXXX5:Tr3Z5IfQmv81ar1yXtZn
Score

8^/10

evasion
- Sets file to hidden
  Modifies file attributes to stop it showing in Explorer etc.
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2