27b92ce92445bba46c554eb898f263e4737ace3465badc6e380fe8a9cfcfcea2 | Triage

Sharing

General

Target

f32b4873dcd3002586548a9c1ed54910_NeikiAnalytics.exe
Size

995KB
Sample

240520-nf32fahh3z
MD5

f32b4873dcd3002586548a9c1ed54910
SHA1

b281f8ba00faf3cb72a2aaf3230721164f115df4
SHA256

27b92ce92445bba46c554eb898f263e4737ace3465badc6e380fe8a9cfcfcea2
SHA512

f196e5556ee54ba8f7ee3d73096f9a87d0a01e9607c9141d5856f2ac3573dd9dfc74e1ae2e7751af6bc0ab0ecbf8c96c95b353a572e63884b161c8d17eaaf8a0
SSDEEP

12288:Wh3ZukLF5fRY5a/6GX4D1DwhHd1zre/9CL7ztjfiVuNcmb60phKwBm3Nz7Ms:WhMkxlRSaiPDi3qs3J4uNcmb607P4zws

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  f32b4873dcd3002586548a9c1ed54910_NeikiAnalytics.exe
- Size
  
  995KB
- MD5
  
  f32b4873dcd3002586548a9c1ed54910
- SHA1
  
  b281f8ba00faf3cb72a2aaf3230721164f115df4
- SHA256
  
  27b92ce92445bba46c554eb898f263e4737ace3465badc6e380fe8a9cfcfcea2
- SHA512
  
  f196e5556ee54ba8f7ee3d73096f9a87d0a01e9607c9141d5856f2ac3573dd9dfc74e1ae2e7751af6bc0ab0ecbf8c96c95b353a572e63884b161c8d17eaaf8a0
- SSDEEP
  
  12288:Wh3ZukLF5fRY5a/6GX4D1DwhHd1zre/9CL7ztjfiVuNcmb60phKwBm3Nz7Ms:WhMkxlRSaiPDi3qs3J4uNcmb607P4zws
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2