28b8ebecd0379c57fe368aaddd0ecf30827a9a9889b63ea06384dda5c8e39369 | Triage

Sharing

General

Target

7011cc050bdfc4ba002c47a27d7aa470_NeikiAnalytics
Size

12KB
Sample

240516-brjqqaeb33
MD5

7011cc050bdfc4ba002c47a27d7aa470
SHA1

62d0239706dd6bb7406171b3bca55136e251d04a
SHA256

28b8ebecd0379c57fe368aaddd0ecf30827a9a9889b63ea06384dda5c8e39369
SHA512

a4278e19bc6a1038b7cb2610cfd1b4dc80f3436bfda49219797303d24e8d40151c7dcd9333c1a58663a33658e0e65f05ce456b65edf36070bdb5462fe512c931
SSDEEP

384:WL7li/2z5q2DcEQvdhcJKLTp/NK9xabu:Q5M/Q9cbu

Score

7^/10

Malware Config

Targets

- Target
  
  7011cc050bdfc4ba002c47a27d7aa470_NeikiAnalytics
- Size
  
  12KB
- MD5
  
  7011cc050bdfc4ba002c47a27d7aa470
- SHA1
  
  62d0239706dd6bb7406171b3bca55136e251d04a
- SHA256
  
  28b8ebecd0379c57fe368aaddd0ecf30827a9a9889b63ea06384dda5c8e39369
- SHA512
  
  a4278e19bc6a1038b7cb2610cfd1b4dc80f3436bfda49219797303d24e8d40151c7dcd9333c1a58663a33658e0e65f05ce456b65edf36070bdb5462fe512c931
- SSDEEP
  
  384:WL7li/2z5q2DcEQvdhcJKLTp/NK9xabu:Q5M/Q9cbu
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2