1615e64b1588e23542cb192acb981cc7150e65c1debb7e63d84abaf685ccbe1f | Triage

Sharing

General

Target

1615e64b1588e23542cb192acb981cc7150e65c1debb7e63d84abaf685ccbe1f_NeikiAnalytics
Size

531KB
Sample

240521-hv18hacd8v
MD5

2a2ee3f53cdabfc2e8f651ab18e72480
SHA1

5d2fc708b6f031198a59e2b617a0a4bfd1b93e33
SHA256

1615e64b1588e23542cb192acb981cc7150e65c1debb7e63d84abaf685ccbe1f
SHA512

f79ddc582af36a38c94579cc22803bb62fbb0b61fbc1de743bf8d7c57e0b5b2e06b299bb203e289a4a117c74cfa2987389582fbb911855eee93399679eb34271
SSDEEP

3072:4Cao5s1x1Pkl0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAx8:4qal8l0xPTMiR9JSSxPUKYGdodHf

Score

7^/10

Malware Config

Targets

- Target
  
  1615e64b1588e23542cb192acb981cc7150e65c1debb7e63d84abaf685ccbe1f_NeikiAnalytics
- Size
  
  531KB
- MD5
  
  2a2ee3f53cdabfc2e8f651ab18e72480
- SHA1
  
  5d2fc708b6f031198a59e2b617a0a4bfd1b93e33
- SHA256
  
  1615e64b1588e23542cb192acb981cc7150e65c1debb7e63d84abaf685ccbe1f
- SHA512
  
  f79ddc582af36a38c94579cc22803bb62fbb0b61fbc1de743bf8d7c57e0b5b2e06b299bb203e289a4a117c74cfa2987389582fbb911855eee93399679eb34271
- SSDEEP
  
  3072:4Cao5s1x1Pkl0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAx8:4qal8l0xPTMiR9JSSxPUKYGdodHf
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2