61348b0a523ed4db270f7d3e71fa30c0c84f6462fa8ac6353c5c8d6dc7d0b371 | Triage

Sharing

General

Target

0be36e3de0a1ac313a197f95cc13e5d0_NeikiAnalytics.exe
Size

75KB
Sample

240521-zkp6xshh53
MD5

0be36e3de0a1ac313a197f95cc13e5d0
SHA1

b8265049b18669aa71b3a176431e820ef1b6f058
SHA256

61348b0a523ed4db270f7d3e71fa30c0c84f6462fa8ac6353c5c8d6dc7d0b371
SHA512

c664de9f37b500b0fa0a8946226ac4a03a4447fac92fde49dd1ebf9ca410944211e6d54d675f63e002668471b1f6ced5fab847487d1f92bb917284cde5cf3958
SSDEEP

1536:X6QFElP6n+gJQMOtEvwDpjBZYTjipvF2bx1rHszt:X6a+SOtEvwDpjBZYvQd2q

Score

7^/10

Malware Config

Targets

- Target
  
  0be36e3de0a1ac313a197f95cc13e5d0_NeikiAnalytics.exe
- Size
  
  75KB
- MD5
  
  0be36e3de0a1ac313a197f95cc13e5d0
- SHA1
  
  b8265049b18669aa71b3a176431e820ef1b6f058
- SHA256
  
  61348b0a523ed4db270f7d3e71fa30c0c84f6462fa8ac6353c5c8d6dc7d0b371
- SHA512
  
  c664de9f37b500b0fa0a8946226ac4a03a4447fac92fde49dd1ebf9ca410944211e6d54d675f63e002668471b1f6ced5fab847487d1f92bb917284cde5cf3958
- SSDEEP
  
  1536:X6QFElP6n+gJQMOtEvwDpjBZYTjipvF2bx1rHszt:X6a+SOtEvwDpjBZYvQd2q
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2