c8224c442b4c112bf1c71936e70b163db377cc7173303f5205491569cd14bbb6 | Triage

Sharing

General

Target

eafd459dfd6817caff325f2455e405e0_NeikiAnalytics.exe
Size

12KB
Sample

240517-ntt1paga82
MD5

eafd459dfd6817caff325f2455e405e0
SHA1

53b15b4e1d9dd24d500eaa32d0f023712fcd1ca0
SHA256

c8224c442b4c112bf1c71936e70b163db377cc7173303f5205491569cd14bbb6
SHA512

1b5fb08e272b50ccc39607534c65d201450def63ea2df00bd27152c8a69895cc96800cbc2e8faa4ff0dce23c657dead8b20576598c2591a70b74893877002681
SSDEEP

384:3L7li/2zeq2DcEQvdhcJKLTp/NK9xaje:7uM/Q9cje

Score

7^/10

Malware Config

Targets

- Target
  
  eafd459dfd6817caff325f2455e405e0_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  eafd459dfd6817caff325f2455e405e0
- SHA1
  
  53b15b4e1d9dd24d500eaa32d0f023712fcd1ca0
- SHA256
  
  c8224c442b4c112bf1c71936e70b163db377cc7173303f5205491569cd14bbb6
- SHA512
  
  1b5fb08e272b50ccc39607534c65d201450def63ea2df00bd27152c8a69895cc96800cbc2e8faa4ff0dce23c657dead8b20576598c2591a70b74893877002681
- SSDEEP
  
  384:3L7li/2zeq2DcEQvdhcJKLTp/NK9xaje:7uM/Q9cje
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2