528869bc5d5cea94e8d24c3a6643f133f86bd767f8bdc01de94f85d622e12658 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

528869bc5d5cea94e8d24c3a6643f133f86bd767f8bdc01de94f85d622e12658_NeikiAnalytics
Size

31KB
Sample

240521-qfn9dsfb5s
MD5

10a758ff4ba17743e29c5ac2fab125c6
SHA1

ef0b5f404229abc4f59be0ef4b1d7fd63de05ffb
SHA256

528869bc5d5cea94e8d24c3a6643f133f86bd767f8bdc01de94f85d622e12658
SHA512

eb2cb16beb34f2581f0cd465d1184efa4ed28f6096a1046e8f7544286d4408d65d18ff3bd7f2ad92d8f987cfbc4cd1b999bac7e83b7f04a4998534011ba0d9a4
SSDEEP

384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cJ3v7J:bAvJCYOOvbRPDEgXRcJ9

Score

7^/10

Malware Config

Targets

- Target
  
  528869bc5d5cea94e8d24c3a6643f133f86bd767f8bdc01de94f85d622e12658_NeikiAnalytics
- Size
  
  31KB
- MD5
  
  10a758ff4ba17743e29c5ac2fab125c6
- SHA1
  
  ef0b5f404229abc4f59be0ef4b1d7fd63de05ffb
- SHA256
  
  528869bc5d5cea94e8d24c3a6643f133f86bd767f8bdc01de94f85d622e12658
- SHA512
  
  eb2cb16beb34f2581f0cd465d1184efa4ed28f6096a1046e8f7544286d4408d65d18ff3bd7f2ad92d8f987cfbc4cd1b999bac7e83b7f04a4998534011ba0d9a4
- SSDEEP
  
  384:bAvMaNGh4z7CG3POOvbRSLoF/F0QU5XYFnufc/zzo6cJ3v7J:bAvJCYOOvbRPDEgXRcJ9
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2