d6ccbce67b074abd62eff688ce6f8406daecb7e3cbc439a66e53d133119a3cd3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

79a14ce255371769495020ff40fb4f60_NeikiAnalytics
Size

71KB
Sample

240511-esdsmscf2w
MD5

79a14ce255371769495020ff40fb4f60
SHA1

5c07f5408bb2ea53bce16e6ab5a0eacc8ed82b1b
SHA256

d6ccbce67b074abd62eff688ce6f8406daecb7e3cbc439a66e53d133119a3cd3
SHA512

352cfcac347d668678fdfa08697546d5bf53a4faf03fc6ab47184d3fa7e7c9d1fb442577b81d9d686d86310ef69b99822816daef1d7b0f11f71355c5c9be7b7f
SSDEEP

1536:Or3Z5IfQmv81abyyXcZibfffsffffeIIIp:SJOfQm010yyXcZ2IIIp

Score

8^/10

evasion

Malware Config

Targets

- Target
  
  79a14ce255371769495020ff40fb4f60_NeikiAnalytics
- Size
  
  71KB
- MD5
  
  79a14ce255371769495020ff40fb4f60
- SHA1
  
  5c07f5408bb2ea53bce16e6ab5a0eacc8ed82b1b
- SHA256
  
  d6ccbce67b074abd62eff688ce6f8406daecb7e3cbc439a66e53d133119a3cd3
- SHA512
  
  352cfcac347d668678fdfa08697546d5bf53a4faf03fc6ab47184d3fa7e7c9d1fb442577b81d9d686d86310ef69b99822816daef1d7b0f11f71355c5c9be7b7f
- SSDEEP
  
  1536:Or3Z5IfQmv81abyyXcZibfffsffffeIIIp:SJOfQm010yyXcZ2IIIp
Score

8^/10

evasion
- Sets file to hidden
  Modifies file attributes to stop it showing in Explorer etc.
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2