04a68dabbd17cd7e7d519ba90f633e6f022172cf0e81b6524160fdb7aa9809e3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

04a68dabbd17cd7e7d519ba90f633e6f022172cf0e81b6524160fdb7aa9809e3_NeikiAnalytics
Size

12KB
Sample

240521-f35jsabg3x
MD5

fbe876ce3f416cb9960b16bdf3defcf0
SHA1

b61adbc880e5a42fc3be114446ff3b98c704091d
SHA256

04a68dabbd17cd7e7d519ba90f633e6f022172cf0e81b6524160fdb7aa9809e3
SHA512

e2c825cc8944137c0f89ddffad4e319b074d39322cbae96971e5a6c77d08e975b9ddf589f18f61bc73d90f3572565baaebbc525a4556f07a8b123ce0e9afefad
SSDEEP

384:qL7li/2zFq2DcEQvdhcJKLTp/NK9xaPgh:0lM/Q9cPgh

Score

7^/10

Malware Config

Targets

- Target
  
  04a68dabbd17cd7e7d519ba90f633e6f022172cf0e81b6524160fdb7aa9809e3_NeikiAnalytics
- Size
  
  12KB
- MD5
  
  fbe876ce3f416cb9960b16bdf3defcf0
- SHA1
  
  b61adbc880e5a42fc3be114446ff3b98c704091d
- SHA256
  
  04a68dabbd17cd7e7d519ba90f633e6f022172cf0e81b6524160fdb7aa9809e3
- SHA512
  
  e2c825cc8944137c0f89ddffad4e319b074d39322cbae96971e5a6c77d08e975b9ddf589f18f61bc73d90f3572565baaebbc525a4556f07a8b123ce0e9afefad
- SSDEEP
  
  384:qL7li/2zFq2DcEQvdhcJKLTp/NK9xaPgh:0lM/Q9cPgh
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2