16df5f96102a3ab820f5fa5530638886ff75439729c66fa71eea1442098e2c04 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ccea6059e7b0134c0a33653f958f3f50_NeikiAnalytics
Size

42KB
Sample

240514-tc5nradg55
MD5

ccea6059e7b0134c0a33653f958f3f50
SHA1

a282a3eb124ec37e1e5befdb2938011bb9a12f7b
SHA256

16df5f96102a3ab820f5fa5530638886ff75439729c66fa71eea1442098e2c04
SHA512

b8f8b395a459e461fcfec2021887898b8bc545b82800dc297ddc9bd1e4949df67d398c710d01f03417084f8f6d8d3097436e25f560cdb79388d3f15e6c1a8ce3
SSDEEP

768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4REL+cc66T9:vj+jsMQMOtEvwDpj5HW5s9

Score

7^/10

Malware Config

Targets

- Target
  
  ccea6059e7b0134c0a33653f958f3f50_NeikiAnalytics
- Size
  
  42KB
- MD5
  
  ccea6059e7b0134c0a33653f958f3f50
- SHA1
  
  a282a3eb124ec37e1e5befdb2938011bb9a12f7b
- SHA256
  
  16df5f96102a3ab820f5fa5530638886ff75439729c66fa71eea1442098e2c04
- SHA512
  
  b8f8b395a459e461fcfec2021887898b8bc545b82800dc297ddc9bd1e4949df67d398c710d01f03417084f8f6d8d3097436e25f560cdb79388d3f15e6c1a8ce3
- SSDEEP
  
  768:vQz7yVEhs9+js1SQtOOtEvwDpjz9+4REL+cc66T9:vj+jsMQMOtEvwDpj5HW5s9
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2