25ea33f3e06d0e4eed64cef88daa440fa05e7a3121ab8c86c86a3b20ae1e5cf8 | Triage

Sharing

General

Target

500d88c959a3e5a30764bf3f8728d3c0_NeikiAnalytics
Size

12KB
Sample

240512-ytlpesha95
MD5

500d88c959a3e5a30764bf3f8728d3c0
SHA1

775679d39f79daa12d6d77c60074d30c1438a6de
SHA256

25ea33f3e06d0e4eed64cef88daa440fa05e7a3121ab8c86c86a3b20ae1e5cf8
SHA512

a19d050649fde2c06aec1bcb1d8b0e6210b09cbf29fc982b573b02bccca8d3dd00bae148a83595c2a3ea4259ada50e2ebdb23d525f9e8aac5703aa680336653a
SSDEEP

384:qL7li/2zoq2DcEQvdhcJKLTp/NK9xamz:0UM/Q9cmz

Score

7^/10

Malware Config

Targets

- Target
  
  500d88c959a3e5a30764bf3f8728d3c0_NeikiAnalytics
- Size
  
  12KB
- MD5
  
  500d88c959a3e5a30764bf3f8728d3c0
- SHA1
  
  775679d39f79daa12d6d77c60074d30c1438a6de
- SHA256
  
  25ea33f3e06d0e4eed64cef88daa440fa05e7a3121ab8c86c86a3b20ae1e5cf8
- SHA512
  
  a19d050649fde2c06aec1bcb1d8b0e6210b09cbf29fc982b573b02bccca8d3dd00bae148a83595c2a3ea4259ada50e2ebdb23d525f9e8aac5703aa680336653a
- SSDEEP
  
  384:qL7li/2zoq2DcEQvdhcJKLTp/NK9xamz:0UM/Q9cmz
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2