aecb1c3c8444c94130dcfa4b475ed15549282fa089181b8c44f0fc30950ba100 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0cca6426f60f9bab220be588856f9250_NeikiAnalytics.exe
Size

53KB
Sample

240516-w16l3ahg7x
MD5

0cca6426f60f9bab220be588856f9250
SHA1

55d2265b938367a62ca086810ce4c44d2dc5b030
SHA256

aecb1c3c8444c94130dcfa4b475ed15549282fa089181b8c44f0fc30950ba100
SHA512

d224730ee2735c7a2b62977dde61d6f1866eb0b1ba6ba37e2d2315ea84ffe2d62edc0b05f9d13070fcbb7d537f43b2e6db7e62b297116695dcd566016834b0d2
SSDEEP

1536:vNtg8r8QwGUzId7Kp3StjEMjmLM3ztDJWZsXy4JzxPM0:wGUzGJJjmLM3zRJWZsXy4J9

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  0cca6426f60f9bab220be588856f9250_NeikiAnalytics.exe
- Size
  
  53KB
- MD5
  
  0cca6426f60f9bab220be588856f9250
- SHA1
  
  55d2265b938367a62ca086810ce4c44d2dc5b030
- SHA256
  
  aecb1c3c8444c94130dcfa4b475ed15549282fa089181b8c44f0fc30950ba100
- SHA512
  
  d224730ee2735c7a2b62977dde61d6f1866eb0b1ba6ba37e2d2315ea84ffe2d62edc0b05f9d13070fcbb7d537f43b2e6db7e62b297116695dcd566016834b0d2
- SSDEEP
  
  1536:vNtg8r8QwGUzId7Kp3StjEMjmLM3ztDJWZsXy4JzxPM0:wGUzGJJjmLM3zRJWZsXy4J9
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence