5aac6feeca4f7ea8a0621d8de5d6759eeb47c0953ead1f74cb4519d026058f63 | Triage

Sharing

General

Target

ade14dacb4f69ba39a54d046ca911290_NeikiAnalytics.exe
Size

124KB
Sample

240520-e6stqabg97
MD5

ade14dacb4f69ba39a54d046ca911290
SHA1

641c1573c9dc186e219f8d07eb1ebef34673b37f
SHA256

5aac6feeca4f7ea8a0621d8de5d6759eeb47c0953ead1f74cb4519d026058f63
SHA512

04c094bc66ee5151f3a035023216d5a1b8e00f39ee3a239116577075c70c35368c11319e5265bcb173e95488a1b7fc96a67e7ff578aa9d34fb6b67eb0e3b24ba
SSDEEP

1536:SQsz45Y9ihRO/N69BH3OoGa+FL9jKceRgrkjSo:FGKY8hkFoN3Oo1+F92S

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  ade14dacb4f69ba39a54d046ca911290_NeikiAnalytics.exe
- Size
  
  124KB
- MD5
  
  ade14dacb4f69ba39a54d046ca911290
- SHA1
  
  641c1573c9dc186e219f8d07eb1ebef34673b37f
- SHA256
  
  5aac6feeca4f7ea8a0621d8de5d6759eeb47c0953ead1f74cb4519d026058f63
- SHA512
  
  04c094bc66ee5151f3a035023216d5a1b8e00f39ee3a239116577075c70c35368c11319e5265bcb173e95488a1b7fc96a67e7ff578aa9d34fb6b67eb0e3b24ba
- SSDEEP
  
  1536:SQsz45Y9ihRO/N69BH3OoGa+FL9jKceRgrkjSo:FGKY8hkFoN3Oo1+F92S
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence