9d70d400b622db4bffb314904495b03fc58321dc4a68add6ed9d36f2f4f5b38f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

be003e19f7a7c581c0e335ea32872d70_NeikiAnalytics.exe
Size

78KB
Sample

240520-gkqtcaed47
MD5

be003e19f7a7c581c0e335ea32872d70
SHA1

0f34d58acfb8a956b6f863416a74c8f07f8e59b0
SHA256

9d70d400b622db4bffb314904495b03fc58321dc4a68add6ed9d36f2f4f5b38f
SHA512

37695554431f4718a25d6d968da1e32fdc1354fb2766fe247dff14462e6f7cc7af56ae3d310dcd3354957d857e591e8ad3f0a8fa9de9375b0a5765aa407d9dd9
SSDEEP

1536:mB+FC9RntfWeoGiPyCHjKDjfQQQtUdtjVD/Df:mB+F8tfPN4yCDKDjfQQQtA

Score

7^/10

Malware Config

Targets

- Target
  
  be003e19f7a7c581c0e335ea32872d70_NeikiAnalytics.exe
- Size
  
  78KB
- MD5
  
  be003e19f7a7c581c0e335ea32872d70
- SHA1
  
  0f34d58acfb8a956b6f863416a74c8f07f8e59b0
- SHA256
  
  9d70d400b622db4bffb314904495b03fc58321dc4a68add6ed9d36f2f4f5b38f
- SHA512
  
  37695554431f4718a25d6d968da1e32fdc1354fb2766fe247dff14462e6f7cc7af56ae3d310dcd3354957d857e591e8ad3f0a8fa9de9375b0a5765aa407d9dd9
- SSDEEP
  
  1536:mB+FC9RntfWeoGiPyCHjKDjfQQQtUdtjVD/Df:mB+F8tfPN4yCDKDjfQQQtA
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2