b7c1087a1bb762e166b75b41f1e9454f81d186aaafc54dd4b0a35175149d9efd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

29252a7b960e967951e7360ef3e7ea20_NeikiAnalytics.exe
Size

12KB
Sample

240516-y3s5vsef9y
MD5

29252a7b960e967951e7360ef3e7ea20
SHA1

b7884b96fd26370cdf3c73d11c883918c265a49f
SHA256

b7c1087a1bb762e166b75b41f1e9454f81d186aaafc54dd4b0a35175149d9efd
SHA512

25451cca4342a0bb452c545f84d71bee06a72461029c12b3f3d74f1a28d1ac34ae10b98f423bf7873c6cd37f3cf67bba7df38b97e7a9c2a125f53249719c43d8
SSDEEP

384:bL7li/2zNq2DcEQvdQcJKLTp/NK9xa9+:P1MCQ9c9+

Score

7^/10

Malware Config

Targets

- Target
  
  29252a7b960e967951e7360ef3e7ea20_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  29252a7b960e967951e7360ef3e7ea20
- SHA1
  
  b7884b96fd26370cdf3c73d11c883918c265a49f
- SHA256
  
  b7c1087a1bb762e166b75b41f1e9454f81d186aaafc54dd4b0a35175149d9efd
- SHA512
  
  25451cca4342a0bb452c545f84d71bee06a72461029c12b3f3d74f1a28d1ac34ae10b98f423bf7873c6cd37f3cf67bba7df38b97e7a9c2a125f53249719c43d8
- SSDEEP
  
  384:bL7li/2zNq2DcEQvdQcJKLTp/NK9xa9+:P1MCQ9c9+
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2