170c5228661837d98e8d8e0c999682d5166c2398323a925ff824c4f0be6f1eb3 | Triage

Sharing

General

Target

33b72c8f386d9b792b4e79b082a21ea0_NeikiAnalytics
Size

564KB
Sample

240513-sdhd6sbc3y
MD5

33b72c8f386d9b792b4e79b082a21ea0
SHA1

84f40fe249d14ab362b2e7ca57deb3c542d58c62
SHA256

170c5228661837d98e8d8e0c999682d5166c2398323a925ff824c4f0be6f1eb3
SHA512

9e568aa6ed033328e7ae2b1dc69bafc5213f837626911e488fde8abcc3f0c6ebd2e498287953f91e407991711a33007600ebbb88188a1b17d803f6f48615ac7f
SSDEEP

3072:dCaoAs101Pol0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAxh:dqDAwl0xPTMiR9JSSxPUKYGdodHA

Score

7^/10

Malware Config

Targets

- Target
  
  33b72c8f386d9b792b4e79b082a21ea0_NeikiAnalytics
- Size
  
  564KB
- MD5
  
  33b72c8f386d9b792b4e79b082a21ea0
- SHA1
  
  84f40fe249d14ab362b2e7ca57deb3c542d58c62
- SHA256
  
  170c5228661837d98e8d8e0c999682d5166c2398323a925ff824c4f0be6f1eb3
- SHA512
  
  9e568aa6ed033328e7ae2b1dc69bafc5213f837626911e488fde8abcc3f0c6ebd2e498287953f91e407991711a33007600ebbb88188a1b17d803f6f48615ac7f
- SSDEEP
  
  3072:dCaoAs101Pol0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAxh:dqDAwl0xPTMiR9JSSxPUKYGdodHA
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2