9207b66d3c50ac3a54e35c2d251b130effe36201360ac9ffdefff15877236862 | Triage

Sharing

General

Target

bde9ffaca5dd40cb9cafd0b6e5fd4380_NeikiAnalytics
Size

31KB
Sample

240513-tr1cksed72
MD5

bde9ffaca5dd40cb9cafd0b6e5fd4380
SHA1

15981d5620c10c2af517a1853a28985a65a91173
SHA256

9207b66d3c50ac3a54e35c2d251b130effe36201360ac9ffdefff15877236862
SHA512

f26a367f9089d2eabc6da33f8f7f2200aa60974624c7552a7da453caece9b901d50f3d41a925b833609d62841aed596301e72e66af6b25bd127a642425be4df6
SSDEEP

384:MApc8m4e0GvQak4JI341C0abnk6hJPTDw:MApQr0GvdFJI34qTk6hJPTDw

Score

7^/10

Malware Config

Targets

- Target
  
  bde9ffaca5dd40cb9cafd0b6e5fd4380_NeikiAnalytics
- Size
  
  31KB
- MD5
  
  bde9ffaca5dd40cb9cafd0b6e5fd4380
- SHA1
  
  15981d5620c10c2af517a1853a28985a65a91173
- SHA256
  
  9207b66d3c50ac3a54e35c2d251b130effe36201360ac9ffdefff15877236862
- SHA512
  
  f26a367f9089d2eabc6da33f8f7f2200aa60974624c7552a7da453caece9b901d50f3d41a925b833609d62841aed596301e72e66af6b25bd127a642425be4df6
- SSDEEP
  
  384:MApc8m4e0GvQak4JI341C0abnk6hJPTDw:MApQr0GvdFJI34qTk6hJPTDw
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2