86fdf0bf2aa6218c03fcd2e2e7b4715380eae73100e685fbe9b369a0534ce100 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ec75fce1c4d5aa265cd35a5b5f354e40_NeikiAnalytics.exe
Size

12KB
Sample

240517-pqyedahe88
MD5

ec75fce1c4d5aa265cd35a5b5f354e40
SHA1

bb220f4f9c0a21514e6fa68774a5f9d123591118
SHA256

86fdf0bf2aa6218c03fcd2e2e7b4715380eae73100e685fbe9b369a0534ce100
SHA512

77ba5157dbc41b8096679b6a3c2b6479c727dff2979637cc591276e88c21318dc439f8f637246ac98e0decade9e6ea9d7b5c491b060ac89d993868cbad56d9a7
SSDEEP

384:0L7li/2zJq2DcEQvdQcJKLTp/NK9xasC:ipMCQ9csC

Score

7^/10

Malware Config

Targets

- Target
  
  ec75fce1c4d5aa265cd35a5b5f354e40_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  ec75fce1c4d5aa265cd35a5b5f354e40
- SHA1
  
  bb220f4f9c0a21514e6fa68774a5f9d123591118
- SHA256
  
  86fdf0bf2aa6218c03fcd2e2e7b4715380eae73100e685fbe9b369a0534ce100
- SHA512
  
  77ba5157dbc41b8096679b6a3c2b6479c727dff2979637cc591276e88c21318dc439f8f637246ac98e0decade9e6ea9d7b5c491b060ac89d993868cbad56d9a7
- SSDEEP
  
  384:0L7li/2zJq2DcEQvdQcJKLTp/NK9xasC:ipMCQ9csC
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2