ae2036bd2a36b61a0a644ae1b22ccc7d47e911584bbab043f821dd10e6866181 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f3b0ef89d1aae3162f183c6287a7bd90_NeikiAnalytics.exe
Size

12KB
Sample

240520-ng3gashh6t
MD5

f3b0ef89d1aae3162f183c6287a7bd90
SHA1

aa571d5d25bffa0da454d1440da6cebc57503ee8
SHA256

ae2036bd2a36b61a0a644ae1b22ccc7d47e911584bbab043f821dd10e6866181
SHA512

d766cc9631198e53d6cd985fa827fa59d3408c43f2bca64999406e1ab4a5764f77f96198bad55ba0ff96751496e494ba443d769c99d5e11aa10b76b88e22edd7
SSDEEP

384:UL7li/2zZq2DcEQvdQcJKLTp/NK9xawF:CxMCQ9cwF

Score

7^/10

Malware Config

Targets

- Target
  
  f3b0ef89d1aae3162f183c6287a7bd90_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  f3b0ef89d1aae3162f183c6287a7bd90
- SHA1
  
  aa571d5d25bffa0da454d1440da6cebc57503ee8
- SHA256
  
  ae2036bd2a36b61a0a644ae1b22ccc7d47e911584bbab043f821dd10e6866181
- SHA512
  
  d766cc9631198e53d6cd985fa827fa59d3408c43f2bca64999406e1ab4a5764f77f96198bad55ba0ff96751496e494ba443d769c99d5e11aa10b76b88e22edd7
- SSDEEP
  
  384:UL7li/2zZq2DcEQvdQcJKLTp/NK9xawF:CxMCQ9cwF
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2