c66b3ec7224d80972b38b689e85c4fb395fbfbfcfe6dd5018bbd04bc17787979 | Triage

Sharing

General

Target

81f16f0ac610e0b01dc4e21b61ce9b20_NeikiAnalytics
Size

12KB
Sample

240512-j3ha2afh8w
MD5

81f16f0ac610e0b01dc4e21b61ce9b20
SHA1

6927214c52526f0df4ca146c11d02cf3665b1350
SHA256

c66b3ec7224d80972b38b689e85c4fb395fbfbfcfe6dd5018bbd04bc17787979
SHA512

13b24cdd20b5d83769cec343716337b3399bee00e1a8734b981a00f8562fba0e9be012b36b8c79a85a72c4deb20995ebe61fcd3d6eab98765d58d929934b31e6
SSDEEP

384:qL7li/2zhq2DcEQvdQcJKLTp/NK9xawr:0xMCQ9cwr

Score

7^/10

Malware Config

Targets

- Target
  
  81f16f0ac610e0b01dc4e21b61ce9b20_NeikiAnalytics
- Size
  
  12KB
- MD5
  
  81f16f0ac610e0b01dc4e21b61ce9b20
- SHA1
  
  6927214c52526f0df4ca146c11d02cf3665b1350
- SHA256
  
  c66b3ec7224d80972b38b689e85c4fb395fbfbfcfe6dd5018bbd04bc17787979
- SHA512
  
  13b24cdd20b5d83769cec343716337b3399bee00e1a8734b981a00f8562fba0e9be012b36b8c79a85a72c4deb20995ebe61fcd3d6eab98765d58d929934b31e6
- SSDEEP
  
  384:qL7li/2zhq2DcEQvdQcJKLTp/NK9xawr:0xMCQ9cwr
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2