7b893a31d2fdeeb4e7d83d954d7222c9711304eb3e7577943e1c28b17898ce7c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a213db72f155e923a8433ea94eadf4a0_NeikiAnalytics
Size

523KB
Sample

240515-h6z5ksfa54
MD5

a213db72f155e923a8433ea94eadf4a0
SHA1

f8a53a87a6745409c9b8af3657220ba36a6ec3e5
SHA256

7b893a31d2fdeeb4e7d83d954d7222c9711304eb3e7577943e1c28b17898ce7c
SHA512

bc791e0b6bad99b0f72a74156ffab408d32f25b01c5fe0c308a1fa40849a0b3e4bcf44dd888a1df0f0040c40edb64fce383c796bfa9c70b8b7725a1fc1dd8ac7
SSDEEP

3072:dCaoAs101Pol0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAxI:dqDAwl0xPTMiR9JSSxPUKYGdodHn

Score

7^/10

Malware Config

Targets

- Target
  
  a213db72f155e923a8433ea94eadf4a0_NeikiAnalytics
- Size
  
  523KB
- MD5
  
  a213db72f155e923a8433ea94eadf4a0
- SHA1
  
  f8a53a87a6745409c9b8af3657220ba36a6ec3e5
- SHA256
  
  7b893a31d2fdeeb4e7d83d954d7222c9711304eb3e7577943e1c28b17898ce7c
- SHA512
  
  bc791e0b6bad99b0f72a74156ffab408d32f25b01c5fe0c308a1fa40849a0b3e4bcf44dd888a1df0f0040c40edb64fce383c796bfa9c70b8b7725a1fc1dd8ac7
- SSDEEP
  
  3072:dCaoAs101Pol0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAxI:dqDAwl0xPTMiR9JSSxPUKYGdodHn
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2