8e040ec639d332011ae2871a2e23abf6f099b65f8eb53a75d9351805b0e6a96d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cd190c53b9f9ef55bfeaf1e02124f200_NeikiAnalytics
Size

603KB
Sample

240514-tf9rwadh89
MD5

cd190c53b9f9ef55bfeaf1e02124f200
SHA1

2b7917e181c82bdab99862eab075a96709378a8d
SHA256

8e040ec639d332011ae2871a2e23abf6f099b65f8eb53a75d9351805b0e6a96d
SHA512

817397c24561023f0a7a004d55111136dea1d2346c770f9462a4e7796c145784704e7adf067e4da8603b97697207ec0c50307701b7fca18b6798088f17c78998
SSDEEP

6144:FqDAwl0xPTMiR9JSSxPUKYGdodH/baqE7Al8jky:F+67XR9JSSxvYGdodH/1C5

Score

7^/10

Malware Config

Targets

- Target
  
  cd190c53b9f9ef55bfeaf1e02124f200_NeikiAnalytics
- Size
  
  603KB
- MD5
  
  cd190c53b9f9ef55bfeaf1e02124f200
- SHA1
  
  2b7917e181c82bdab99862eab075a96709378a8d
- SHA256
  
  8e040ec639d332011ae2871a2e23abf6f099b65f8eb53a75d9351805b0e6a96d
- SHA512
  
  817397c24561023f0a7a004d55111136dea1d2346c770f9462a4e7796c145784704e7adf067e4da8603b97697207ec0c50307701b7fca18b6798088f17c78998
- SSDEEP
  
  6144:FqDAwl0xPTMiR9JSSxPUKYGdodH/baqE7Al8jky:F+67XR9JSSxvYGdodH/1C5
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2