d18b2cdeeabcd9b23fe3c3bbbaa60c5e0a64bb9f7f53c3ead460b243f34b3bf9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

202405205aee453bb23b49ae740e2700e53528cccryptolocker_NeikiAnalytics
Size

83KB
Sample

240521-j15csaea8z
MD5

5aee453bb23b49ae740e2700e53528cc
SHA1

266d5b82830f569199dadef9980d2c17d7a0e7cd
SHA256

d18b2cdeeabcd9b23fe3c3bbbaa60c5e0a64bb9f7f53c3ead460b243f34b3bf9
SHA512

2002fbc29d5cdbb6054c02104a98b52c5fdf943edccd5d31f2fd5191f5aac992187810aa852596611646b830b640088ebc46c6ca93e4c837166984b02ae8ebe7
SSDEEP

1536:Tj+jsMQMOtEvwDpj5HmpJpOUHECgNMo0vp2EMMrCK:TCjsIOtEvwDpj5HE/OUHnSMr

Score

7^/10

Malware Config

Targets

- Target
  
  202405205aee453bb23b49ae740e2700e53528cccryptolocker_NeikiAnalytics
- Size
  
  83KB
- MD5
  
  5aee453bb23b49ae740e2700e53528cc
- SHA1
  
  266d5b82830f569199dadef9980d2c17d7a0e7cd
- SHA256
  
  d18b2cdeeabcd9b23fe3c3bbbaa60c5e0a64bb9f7f53c3ead460b243f34b3bf9
- SHA512
  
  2002fbc29d5cdbb6054c02104a98b52c5fdf943edccd5d31f2fd5191f5aac992187810aa852596611646b830b640088ebc46c6ca93e4c837166984b02ae8ebe7
- SSDEEP
  
  1536:Tj+jsMQMOtEvwDpj5HmpJpOUHECgNMo0vp2EMMrCK:TCjsIOtEvwDpj5HE/OUHnSMr
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2