bf6b465987601387f0988dc1f937ab5714b04c7f4a757e2b1cc11ce1d2a9f763 | Triage

Sharing

General

Target

0a1c0d44f78058e9b295aa9089302b20_NeikiAnalytics.exe
Size

34KB
Sample

240521-zfkqmshf63
MD5

0a1c0d44f78058e9b295aa9089302b20
SHA1

ef47d13dc3e23c1b3b408f45ef9e175c8799fd9a
SHA256

bf6b465987601387f0988dc1f937ab5714b04c7f4a757e2b1cc11ce1d2a9f763
SHA512

67d6a1f6fad6c52831fc742cbfacca597a58df6494c5a3d4fe02c4ee0ef2b8ba379746470bd0799d58357c04ff42d109d9d8883077ae255b6ea424fe784efb0f
SSDEEP

384:MApc8m4e0LvQak4JI341CNabnkIU0SqwunabV/6II:MApQr0LvdFJI34nTkIU0ZnwI

Score

7^/10

Malware Config

Targets

- Target
  
  0a1c0d44f78058e9b295aa9089302b20_NeikiAnalytics.exe
- Size
  
  34KB
- MD5
  
  0a1c0d44f78058e9b295aa9089302b20
- SHA1
  
  ef47d13dc3e23c1b3b408f45ef9e175c8799fd9a
- SHA256
  
  bf6b465987601387f0988dc1f937ab5714b04c7f4a757e2b1cc11ce1d2a9f763
- SHA512
  
  67d6a1f6fad6c52831fc742cbfacca597a58df6494c5a3d4fe02c4ee0ef2b8ba379746470bd0799d58357c04ff42d109d9d8883077ae255b6ea424fe784efb0f
- SSDEEP
  
  384:MApc8m4e0LvQak4JI341CNabnkIU0SqwunabV/6II:MApQr0LvdFJI34nTkIU0ZnwI
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2