f21b4cb4e8a995e608cbcac96588e25d1b348f46940899c8ee2e1393c2034d07 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

189de0b3cc08ee1d1213dd227cc932e0_NeikiAnalytics
Size

1.0MB
Sample

240513-zrs66ade4w
MD5

189de0b3cc08ee1d1213dd227cc932e0
SHA1

ac0ca078cbaeb7b7baab7f3943c40a2671b62466
SHA256

f21b4cb4e8a995e608cbcac96588e25d1b348f46940899c8ee2e1393c2034d07
SHA512

8d70a2466c73347607de38c10419c813092ffa870bfd27d3931c7d13005f7b690f4cdda2309763cfed21ad8d3fdf1a079d1101ef7a483cd50d81f891f9cbec1e
SSDEEP

24576:6ZYsYJNWlgauWVSuShZW/S7zONx0zqZ4f5/4/31K2:+cJMggSuSrW/SscAy4E2

Score

7^/10

Malware Config

Targets

- Target
  
  189de0b3cc08ee1d1213dd227cc932e0_NeikiAnalytics
- Size
  
  1.0MB
- MD5
  
  189de0b3cc08ee1d1213dd227cc932e0
- SHA1
  
  ac0ca078cbaeb7b7baab7f3943c40a2671b62466
- SHA256
  
  f21b4cb4e8a995e608cbcac96588e25d1b348f46940899c8ee2e1393c2034d07
- SHA512
  
  8d70a2466c73347607de38c10419c813092ffa870bfd27d3931c7d13005f7b690f4cdda2309763cfed21ad8d3fdf1a079d1101ef7a483cd50d81f891f9cbec1e
- SSDEEP
  
  24576:6ZYsYJNWlgauWVSuShZW/S7zONx0zqZ4f5/4/31K2:+cJMggSuSrW/SscAy4E2
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2