94cdbc9dc46728d69b38e2574c23567d1900f1d00ef6ed54c4ba13d8f6d00338 | Triage

Sharing

General

Target

a63aa3b723b26c803a3cf7342f427b30_NeikiAnalytics.exe
Size

512KB
Sample

240520-eht2waaf22
MD5

a63aa3b723b26c803a3cf7342f427b30
SHA1

c556b7b645281350a3da7d895e52ec41aae466f1
SHA256

94cdbc9dc46728d69b38e2574c23567d1900f1d00ef6ed54c4ba13d8f6d00338
SHA512

00192c3bbef8d4faf7954881bb0e8bf9d23498ce600609de54f6b5db3f4be5b528c8797a23be27df67f2cf2c428dcbb998478ac0d42029dd54de74fcdc83884a
SSDEEP

3072:dCaoAs101Pol0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAxb:dqDAwl0xPTMiR9JSSxPUKYGdodHE

Score

7^/10

Malware Config

Targets

- Target
  
  a63aa3b723b26c803a3cf7342f427b30_NeikiAnalytics.exe
- Size
  
  512KB
- MD5
  
  a63aa3b723b26c803a3cf7342f427b30
- SHA1
  
  c556b7b645281350a3da7d895e52ec41aae466f1
- SHA256
  
  94cdbc9dc46728d69b38e2574c23567d1900f1d00ef6ed54c4ba13d8f6d00338
- SHA512
  
  00192c3bbef8d4faf7954881bb0e8bf9d23498ce600609de54f6b5db3f4be5b528c8797a23be27df67f2cf2c428dcbb998478ac0d42029dd54de74fcdc83884a
- SSDEEP
  
  3072:dCaoAs101Pol0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAxb:dqDAwl0xPTMiR9JSSxPUKYGdodHE
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2