4bd8902661e3e541788658ba9d263b523ec32d29fd23f1ec8aade87bd982514e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

275b4012d946fa5eaefd789e539da220_NeikiAnalytics
Size

12KB
Sample

240514-zycgzsgh98
MD5

275b4012d946fa5eaefd789e539da220
SHA1

664f22be0efe4210d0c7529581a5c71776871c3d
SHA256

4bd8902661e3e541788658ba9d263b523ec32d29fd23f1ec8aade87bd982514e
SHA512

5e33383aaa86a21bd6bdb846ae5b096c6ed549c003f8a19c3958b9d3eb3f2661b111aeaa201d94826d26e06804bb6d476222acfb7c56036490162e2137fb5676
SSDEEP

384:tL7li/2zdq2DcEQvdhcJKLTp/NK9xa+L:9dM/Q9c+L

Score

7^/10

Malware Config

Targets

- Target
  
  275b4012d946fa5eaefd789e539da220_NeikiAnalytics
- Size
  
  12KB
- MD5
  
  275b4012d946fa5eaefd789e539da220
- SHA1
  
  664f22be0efe4210d0c7529581a5c71776871c3d
- SHA256
  
  4bd8902661e3e541788658ba9d263b523ec32d29fd23f1ec8aade87bd982514e
- SHA512
  
  5e33383aaa86a21bd6bdb846ae5b096c6ed549c003f8a19c3958b9d3eb3f2661b111aeaa201d94826d26e06804bb6d476222acfb7c56036490162e2137fb5676
- SSDEEP
  
  384:tL7li/2zdq2DcEQvdhcJKLTp/NK9xa+L:9dM/Q9c+L
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2