61a881fa941c20db2a2647273586a03005c6da3cd7c8e1d255a1e7ad356fde11 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

df994642262188416d9d5427de4c9df0_NeikiAnalytics
Size

232KB
Sample

240516-p8gjksec59
MD5

df994642262188416d9d5427de4c9df0
SHA1

5c8fbdcb4a8e313ae219c437ae0f3a7e12cd479b
SHA256

61a881fa941c20db2a2647273586a03005c6da3cd7c8e1d255a1e7ad356fde11
SHA512

c9bbbaef8814382dd802c875b94419e646e4496a8bee89888766f7eb3d6fbaa7ec128a97c93f9160a29e1c7ed8f94fc5e09f92fbc1426e9f46ac844418f8d0cc
SSDEEP

3072:GPmKh0h2Rj+hCjG8G3GbGVGBGfGuGxGWYcrf6KadU:GPnh0ERj+AYcD6Kad

Score

7^/10

Malware Config

Targets

- Target
  
  df994642262188416d9d5427de4c9df0_NeikiAnalytics
- Size
  
  232KB
- MD5
  
  df994642262188416d9d5427de4c9df0
- SHA1
  
  5c8fbdcb4a8e313ae219c437ae0f3a7e12cd479b
- SHA256
  
  61a881fa941c20db2a2647273586a03005c6da3cd7c8e1d255a1e7ad356fde11
- SHA512
  
  c9bbbaef8814382dd802c875b94419e646e4496a8bee89888766f7eb3d6fbaa7ec128a97c93f9160a29e1c7ed8f94fc5e09f92fbc1426e9f46ac844418f8d0cc
- SSDEEP
  
  3072:GPmKh0h2Rj+hCjG8G3GbGVGBGfGuGxGWYcrf6KadU:GPnh0ERj+AYcD6Kad
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2