93bec7cde3290e8c5fd0a795f495a097ffbaa3637ae0dab8ab2e3cdd0884f7fb | Triage

Sharing

General

Target

2fe9826db1ff9f0ad17e3b14149da9f0_NeikiAnalytics.exe
Size

563KB
Sample

240516-zkbcrsfe84
MD5

2fe9826db1ff9f0ad17e3b14149da9f0
SHA1

804bcefeab57b274ececdd318aeb2184c199d235
SHA256

93bec7cde3290e8c5fd0a795f495a097ffbaa3637ae0dab8ab2e3cdd0884f7fb
SHA512

faaae190aa5ef4775c67ad7f16845cfd8d7079e9bef8bf71deb276276cfcdd1e3c971a4a83db95041ae924ef07efdd6c38704ee7366766f79150b33bb352ad1c
SSDEEP

3072:dCaoAs101Pol0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAxH:dqDAwl0xPTMiR9JSSxPUKYGdodHw

Score

7^/10

Malware Config

Targets

- Target
  
  2fe9826db1ff9f0ad17e3b14149da9f0_NeikiAnalytics.exe
- Size
  
  563KB
- MD5
  
  2fe9826db1ff9f0ad17e3b14149da9f0
- SHA1
  
  804bcefeab57b274ececdd318aeb2184c199d235
- SHA256
  
  93bec7cde3290e8c5fd0a795f495a097ffbaa3637ae0dab8ab2e3cdd0884f7fb
- SHA512
  
  faaae190aa5ef4775c67ad7f16845cfd8d7079e9bef8bf71deb276276cfcdd1e3c971a4a83db95041ae924ef07efdd6c38704ee7366766f79150b33bb352ad1c
- SSDEEP
  
  3072:dCaoAs101Pol0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAxH:dqDAwl0xPTMiR9JSSxPUKYGdodHw
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2