84c7949f2d5e6e755d54dda67dda9650f709eafa3770b2081c7ddf228be36d14 | Triage

Sharing

General

Target

cf7ddd1cb3e997744b015a897ed35e70_NeikiAnalytics
Size

12KB
Sample

240515-neay9seg61
MD5

cf7ddd1cb3e997744b015a897ed35e70
SHA1

69a09c2f2b42b804e78f702432c3fca7c7f52463
SHA256

84c7949f2d5e6e755d54dda67dda9650f709eafa3770b2081c7ddf228be36d14
SHA512

164d330414bd3aaff7b1d92d23326836830b7f161c6b4fb03e515fc026ca9ec6715b6500695c6ef4296f3f70c4c1f093bbeee478fed5ae465497de18f10ac862
SSDEEP

384:qL7li/2zAq2DcEQvdQcJKLTp/NK9xa90:0UMCQ9c90

Score

7^/10

Malware Config

Targets

- Target
  
  cf7ddd1cb3e997744b015a897ed35e70_NeikiAnalytics
- Size
  
  12KB
- MD5
  
  cf7ddd1cb3e997744b015a897ed35e70
- SHA1
  
  69a09c2f2b42b804e78f702432c3fca7c7f52463
- SHA256
  
  84c7949f2d5e6e755d54dda67dda9650f709eafa3770b2081c7ddf228be36d14
- SHA512
  
  164d330414bd3aaff7b1d92d23326836830b7f161c6b4fb03e515fc026ca9ec6715b6500695c6ef4296f3f70c4c1f093bbeee478fed5ae465497de18f10ac862
- SSDEEP
  
  384:qL7li/2zAq2DcEQvdQcJKLTp/NK9xa90:0UMCQ9c90
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2