d9acb4a86c8b5e0346738e4233e21544291ce8bb3d6ad98bb6923705710dad05 | Triage

Sharing

General

Target

e593759a3579adb8624c53c0ec100190_NeikiAnalytics
Size

53KB
Sample

240516-vaej8aeb84
MD5

e593759a3579adb8624c53c0ec100190
SHA1

6d9e9dc48a21eab7d8c793441db65a4adf659da3
SHA256

d9acb4a86c8b5e0346738e4233e21544291ce8bb3d6ad98bb6923705710dad05
SHA512

77e163a01f095cdda3405b430409c8949141b9b4165ee67f3fccbb13ea8c33a76a987b00434cf2ed0bc41436d4b329062bf022c85266f0c1ca22eda62cadd765
SSDEEP

1536:vNVg8r8QgMiqu7Kp3StjEMjmLM3ztDJWZsXy4JzxPMU:gMiXJJjmLM3zRJWZsXy4Jd

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  e593759a3579adb8624c53c0ec100190_NeikiAnalytics
- Size
  
  53KB
- MD5
  
  e593759a3579adb8624c53c0ec100190
- SHA1
  
  6d9e9dc48a21eab7d8c793441db65a4adf659da3
- SHA256
  
  d9acb4a86c8b5e0346738e4233e21544291ce8bb3d6ad98bb6923705710dad05
- SHA512
  
  77e163a01f095cdda3405b430409c8949141b9b4165ee67f3fccbb13ea8c33a76a987b00434cf2ed0bc41436d4b329062bf022c85266f0c1ca22eda62cadd765
- SSDEEP
  
  1536:vNVg8r8QgMiqu7Kp3StjEMjmLM3ztDJWZsXy4JzxPMU:gMiXJJjmLM3zRJWZsXy4Jd
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence