5bb56959d9b3d1e112173b079c2b0ff5a3eb48fe55a622fb0e8c631c8b887c79 | Triage

Sharing

General

Target

43788c00343b17d31c46249bf04631f0_NeikiAnalytics
Size

47KB
Sample

240515-14xwjseh85
MD5

43788c00343b17d31c46249bf04631f0
SHA1

4f4aa583c63807f932c4817552affcc31d6f41d5
SHA256

5bb56959d9b3d1e112173b079c2b0ff5a3eb48fe55a622fb0e8c631c8b887c79
SHA512

ffae0b25de070b9f1816ec6b474c98b903df183d215457fb0166b0b202eeb6d46e88ad495930d01d6c45b8496247edb14c31097dd60dd6c25c8c98d2555401fd
SSDEEP

768:8w1ni6gXQRCR7QyopUiMgvpXHVLdQp4zMxzsQ3wKGMYVg46RlFlosNfajC:8w1n/K79sPXVhOVzRgKGMe6r31A

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  43788c00343b17d31c46249bf04631f0_NeikiAnalytics
- Size
  
  47KB
- MD5
  
  43788c00343b17d31c46249bf04631f0
- SHA1
  
  4f4aa583c63807f932c4817552affcc31d6f41d5
- SHA256
  
  5bb56959d9b3d1e112173b079c2b0ff5a3eb48fe55a622fb0e8c631c8b887c79
- SHA512
  
  ffae0b25de070b9f1816ec6b474c98b903df183d215457fb0166b0b202eeb6d46e88ad495930d01d6c45b8496247edb14c31097dd60dd6c25c8c98d2555401fd
- SSDEEP
  
  768:8w1ni6gXQRCR7QyopUiMgvpXHVLdQp4zMxzsQ3wKGMYVg46RlFlosNfajC:8w1n/K79sPXVhOVzRgKGMe6r31A
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2