0cd33372d558dda7afc78a1af907429854d5849aef108d3c3556f6e962148457 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8169dfe58e16dad63d763532f6405730_NeikiAnalytics
Size

13KB
Sample

240512-jz97msba87
MD5

8169dfe58e16dad63d763532f6405730
SHA1

5406e6c43d01d04bea5a27b96c57328bf02299bd
SHA256

0cd33372d558dda7afc78a1af907429854d5849aef108d3c3556f6e962148457
SHA512

a99441f86ac2b77e113c7b9555107a8e66df11d4f03fce000d6a83c90dfd47195fe22093c1f218ffb56620597dfca99d4439a28378753a2cae942d514f5d1ce4
SSDEEP

96:XQUyyYKtUsxY4WQBtgDuAnQWRIUF2C6O4ioTviReoskLcVTukdkWk07ziNqgkWfy:wym8TSrQWRIcmpTcnshRuk3bMc/uy

Score

7^/10

Malware Config

Targets

- Target
  
  8169dfe58e16dad63d763532f6405730_NeikiAnalytics
- Size
  
  13KB
- MD5
  
  8169dfe58e16dad63d763532f6405730
- SHA1
  
  5406e6c43d01d04bea5a27b96c57328bf02299bd
- SHA256
  
  0cd33372d558dda7afc78a1af907429854d5849aef108d3c3556f6e962148457
- SHA512
  
  a99441f86ac2b77e113c7b9555107a8e66df11d4f03fce000d6a83c90dfd47195fe22093c1f218ffb56620597dfca99d4439a28378753a2cae942d514f5d1ce4
- SSDEEP
  
  96:XQUyyYKtUsxY4WQBtgDuAnQWRIUF2C6O4ioTviReoskLcVTukdkWk07ziNqgkWfy:wym8TSrQWRIcmpTcnshRuk3bMc/uy
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2