73594a0d0104368212638bb77bc504cee8d721ffea533e755a1a30924292ddb2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e7307edb36a59210de0d6d536ce5f7c0_NeikiAnalytics.exe
Size

12KB
Sample

240517-lcl8eabg63
MD5

e7307edb36a59210de0d6d536ce5f7c0
SHA1

6e11b129d8037185dd9c6a827fc6accfe6bb7313
SHA256

73594a0d0104368212638bb77bc504cee8d721ffea533e755a1a30924292ddb2
SHA512

8e5c71b290fb6d1502c93d242f0db378b737c2ec1c3cd13439767dcaff439ea5145693ce37450ef755ea882881aa24cdb50d4345aa773a2f151900853ca568d6
SSDEEP

384:zL7li/2zDq2DcEQvdQcJKLTp/NK9xa1R:X3MCQ9c1R

Score

7^/10

Malware Config

Targets

- Target
  
  e7307edb36a59210de0d6d536ce5f7c0_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  e7307edb36a59210de0d6d536ce5f7c0
- SHA1
  
  6e11b129d8037185dd9c6a827fc6accfe6bb7313
- SHA256
  
  73594a0d0104368212638bb77bc504cee8d721ffea533e755a1a30924292ddb2
- SHA512
  
  8e5c71b290fb6d1502c93d242f0db378b737c2ec1c3cd13439767dcaff439ea5145693ce37450ef755ea882881aa24cdb50d4345aa773a2f151900853ca568d6
- SSDEEP
  
  384:zL7li/2zDq2DcEQvdQcJKLTp/NK9xa1R:X3MCQ9c1R
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2