6908cd3af6ff6fa94cbdf968ab5d869acf2cb9a1420c35472a4b330d34efa9b9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d2699a6a35f85651bf6a09728144b940_NeikiAnalytics
Size

200KB
Sample

240515-pwa62aaa32
MD5

d2699a6a35f85651bf6a09728144b940
SHA1

2a0520572da9acf57f6259113fec760299c6bff2
SHA256

6908cd3af6ff6fa94cbdf968ab5d869acf2cb9a1420c35472a4b330d34efa9b9
SHA512

3a796844e80ed1f3c45c3b7f98c45eb615e9f7d0703332674a7a82a1f44799f41cdd29e8c502c579a553b196cff3e4a7e45af82b61b1b34db97c83a2604c8f97
SSDEEP

3072:Cq4pJtbu3y4CpCfCGCCOCwC9CvCFCfCLCvCUCLC2FInROUSRSGSuSQSmSNS4SQSZ:ALtS3yGFInRO

Score

7^/10

Malware Config

Targets

- Target
  
  d2699a6a35f85651bf6a09728144b940_NeikiAnalytics
- Size
  
  200KB
- MD5
  
  d2699a6a35f85651bf6a09728144b940
- SHA1
  
  2a0520572da9acf57f6259113fec760299c6bff2
- SHA256
  
  6908cd3af6ff6fa94cbdf968ab5d869acf2cb9a1420c35472a4b330d34efa9b9
- SHA512
  
  3a796844e80ed1f3c45c3b7f98c45eb615e9f7d0703332674a7a82a1f44799f41cdd29e8c502c579a553b196cff3e4a7e45af82b61b1b34db97c83a2604c8f97
- SSDEEP
  
  3072:Cq4pJtbu3y4CpCfCGCCOCwC9CvCFCfCLCvCUCLC2FInROUSRSGSuSQSmSNS4SQSZ:ALtS3yGFInRO
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2