de76512dec5f4a6f14c9240d1f69c20a5f5b4a94751b5a84f2ecd9f34832d4fa | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dc6b2136949d11869c54f0b11cce7c10_NeikiAnalytics
Size

59KB
Sample

240516-nfec3sae22
MD5

dc6b2136949d11869c54f0b11cce7c10
SHA1

a8b1b1301dcb621c7f4ac68e7aac1c129370fb17
SHA256

de76512dec5f4a6f14c9240d1f69c20a5f5b4a94751b5a84f2ecd9f34832d4fa
SHA512

0b08f0fd95bdfa22e78b6875c9e96c5fee9a0a36ab246542fccbf1f2588b2fc88989f968761b2b21c34e57fd0de6ed125bbd8758b1c504035be3795b8cd9e94c
SSDEEP

768:NLhcSDgpxUueqk230wHmIOdic+AvALExifcdNOjEOM65tmVPEL1:NLhcRLleqk4rTOdbvAw9NO58V+1

Score

7^/10

Malware Config

Targets

- Target
  
  dc6b2136949d11869c54f0b11cce7c10_NeikiAnalytics
- Size
  
  59KB
- MD5
  
  dc6b2136949d11869c54f0b11cce7c10
- SHA1
  
  a8b1b1301dcb621c7f4ac68e7aac1c129370fb17
- SHA256
  
  de76512dec5f4a6f14c9240d1f69c20a5f5b4a94751b5a84f2ecd9f34832d4fa
- SHA512
  
  0b08f0fd95bdfa22e78b6875c9e96c5fee9a0a36ab246542fccbf1f2588b2fc88989f968761b2b21c34e57fd0de6ed125bbd8758b1c504035be3795b8cd9e94c
- SSDEEP
  
  768:NLhcSDgpxUueqk230wHmIOdic+AvALExifcdNOjEOM65tmVPEL1:NLhcRLleqk4rTOdbvAw9NO58V+1
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2