68cf10b8f381979ffb3ba2d648eb40b391c56516ce3618c3b3879ba34dfeadc6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2b0e13c499b12d47826c5d248d669bd0_NeikiAnalytics.exe
Size

38KB
Sample

240519-yq2w8sfc81
MD5

2b0e13c499b12d47826c5d248d669bd0
SHA1

4491d9b052f8b87088a13fef50e92407172963e0
SHA256

68cf10b8f381979ffb3ba2d648eb40b391c56516ce3618c3b3879ba34dfeadc6
SHA512

7ac9c98366128c6327e4536ea5253f5499bc9ee3d66329064faf4822e1f24fe31683f0b65726dbdb0bdc7ffb268a97972691966574302d4df655da65fd7f72da
SSDEEP

768:fTz7y3lhsT+hs1SQtOOtEvwDpjfAu9+4h6cg:fT+hsMQMOtEvwDpjoIHh6R

Score

7^/10

Malware Config

Targets

- Target
  
  2b0e13c499b12d47826c5d248d669bd0_NeikiAnalytics.exe
- Size
  
  38KB
- MD5
  
  2b0e13c499b12d47826c5d248d669bd0
- SHA1
  
  4491d9b052f8b87088a13fef50e92407172963e0
- SHA256
  
  68cf10b8f381979ffb3ba2d648eb40b391c56516ce3618c3b3879ba34dfeadc6
- SHA512
  
  7ac9c98366128c6327e4536ea5253f5499bc9ee3d66329064faf4822e1f24fe31683f0b65726dbdb0bdc7ffb268a97972691966574302d4df655da65fd7f72da
- SSDEEP
  
  768:fTz7y3lhsT+hs1SQtOOtEvwDpjfAu9+4h6cg:fT+hsMQMOtEvwDpjoIHh6R
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2