c8b059b11cf655f855d8f64f2d79bf27ee2a174ed7ab96f99880ce29a7cb45ee | Triage

Submit
Reports

Overview

overview

8

Static

static

3

0e963bdba0...cs.exe

windows7-x64

8

0e963bdba0...cs.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

Target

0e963bdba0f7e97ca8b482b45ff22d60_NeikiAnalytics
Size

71KB
Sample

240511-rwdy2abf91
MD5

0e963bdba0f7e97ca8b482b45ff22d60
SHA1

a8fd0b52a404575fc2e8e0db0b2a5ea64e248458
SHA256

c8b059b11cf655f855d8f64f2d79bf27ee2a174ed7ab96f99880ce29a7cb45ee
SHA512

03ec045928f778beefc7d256de63445af97f14e37dd1ee42ab32df4ca138c108ead94dab7c518e24aba0d010de7c62614f6d6ea554b9ccd9ed3e2c52b84677d6
SSDEEP

768:ZrItKyw5WHXfQmjIiIk9ecAx7pP1EPU96MyXPdtldE9bIIIwjkS:Zr3Z5IfQmv81x7pP1r3yXPdtnyjz

Score

8^/10

evasion

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

0e963bdba0f7e97ca8b482b45ff22d60_NeikiAnalytics.exe

Resource

win7-20240508-en

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

0e963bdba0f7e97ca8b482b45ff22d60_NeikiAnalytics.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  0e963bdba0f7e97ca8b482b45ff22d60_NeikiAnalytics
- Size
  
  71KB
- MD5
  
  0e963bdba0f7e97ca8b482b45ff22d60
- SHA1
  
  a8fd0b52a404575fc2e8e0db0b2a5ea64e248458
- SHA256
  
  c8b059b11cf655f855d8f64f2d79bf27ee2a174ed7ab96f99880ce29a7cb45ee
- SHA512
  
  03ec045928f778beefc7d256de63445af97f14e37dd1ee42ab32df4ca138c108ead94dab7c518e24aba0d010de7c62614f6d6ea554b9ccd9ed3e2c52b84677d6
- SSDEEP
  
  768:ZrItKyw5WHXfQmjIiIk9ecAx7pP1EPU96MyXPdtldE9bIIIwjkS:Zr3Z5IfQmv81x7pP1r3yXPdtnyjz
Score

8^/10

evasion
- Sets file to hidden
  Modifies file attributes to stop it showing in Explorer etc.
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy