fe3fd74f9bb4f90c9702e4029fb8bc229b2fd7e81023ea39ba92bccdc68df5bb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d2672f5b56edead8e20a43034a62e560_NeikiAnalytics
Size

66KB
Sample

240515-pv8qxaaa28
MD5

d2672f5b56edead8e20a43034a62e560
SHA1

bba846c2ac4fbcd1567678f889c0cd2a1caed887
SHA256

fe3fd74f9bb4f90c9702e4029fb8bc229b2fd7e81023ea39ba92bccdc68df5bb
SHA512

24145b9c2e2e9fac67ef52f51d6a3745c37fc823cd2de49e34c7115d391e1417b7476d058b37101662aba62a0053cbed8f92265f527328bb625dcc40e1605a7a
SSDEEP

768:urItKyw5WHXfQmjIiIk9ecAaHSHMb96FyXRDLdbvvvvN:ur3Z5IfQmv81ayo2yXpZ5

Score

8^/10

evasion

Malware Config

Targets

- Target
  
  d2672f5b56edead8e20a43034a62e560_NeikiAnalytics
- Size
  
  66KB
- MD5
  
  d2672f5b56edead8e20a43034a62e560
- SHA1
  
  bba846c2ac4fbcd1567678f889c0cd2a1caed887
- SHA256
  
  fe3fd74f9bb4f90c9702e4029fb8bc229b2fd7e81023ea39ba92bccdc68df5bb
- SHA512
  
  24145b9c2e2e9fac67ef52f51d6a3745c37fc823cd2de49e34c7115d391e1417b7476d058b37101662aba62a0053cbed8f92265f527328bb625dcc40e1605a7a
- SSDEEP
  
  768:urItKyw5WHXfQmjIiIk9ecAaHSHMb96FyXRDLdbvvvvN:ur3Z5IfQmv81ayo2yXpZ5
Score

8^/10

evasion
- Sets file to hidden
  Modifies file attributes to stop it showing in Explorer etc.
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2