44351286e6f4dd2a7a55c0bbec4c047bf9dde1888fd9155debec610c3971ec6f | Triage

Sharing

General

Target

44351286e6f4dd2a7a55c0bbec4c047bf9dde1888fd9155debec610c3971ec6f_NeikiAnalytics
Size

12KB
Sample

240521-n1nr9acf5w
MD5

ddc67ba23fec835725342dd541961f40
SHA1

28b215b450110d1f9bb9b058f1536a8fcec61d81
SHA256

44351286e6f4dd2a7a55c0bbec4c047bf9dde1888fd9155debec610c3971ec6f
SHA512

9cc849d87bdc0e87f4f8e68114536f6dad7d2b0ac66ec09a5cf08347cd2ab4b5e2aa92a87ffa6608adcc1c67307dd59af4296c4b29d8c0b5d1c8d413d19db5ea
SSDEEP

384:qL7li/2zqq2DcEQvdQcJKLTp/NK9xaQC:0iMCQ9cQC

Score

7^/10

Malware Config

Targets

- Target
  
  44351286e6f4dd2a7a55c0bbec4c047bf9dde1888fd9155debec610c3971ec6f_NeikiAnalytics
- Size
  
  12KB
- MD5
  
  ddc67ba23fec835725342dd541961f40
- SHA1
  
  28b215b450110d1f9bb9b058f1536a8fcec61d81
- SHA256
  
  44351286e6f4dd2a7a55c0bbec4c047bf9dde1888fd9155debec610c3971ec6f
- SHA512
  
  9cc849d87bdc0e87f4f8e68114536f6dad7d2b0ac66ec09a5cf08347cd2ab4b5e2aa92a87ffa6608adcc1c67307dd59af4296c4b29d8c0b5d1c8d413d19db5ea
- SSDEEP
  
  384:qL7li/2zqq2DcEQvdQcJKLTp/NK9xaQC:0iMCQ9cQC
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2