9bca4db8f2194bd9cf93fbd403d3fa476257ee79400c3a635e021d33022e9bac | Triage

Sharing

General

Target

0c85cd39aa51a9f2a5d75e23db5521e0_NeikiAnalytics.exe
Size

41KB
Sample

240521-zmdkxaaa36
MD5

0c85cd39aa51a9f2a5d75e23db5521e0
SHA1

f07ba0c56b6273e45d1a5ae35008b20a8853da0a
SHA256

9bca4db8f2194bd9cf93fbd403d3fa476257ee79400c3a635e021d33022e9bac
SHA512

cb3bc5b486cf80f389cc78197ef20100fc63ff7a85b80423a52b7c65e756fa35eb1ff12eba47dfed447fb87877904a9617fbc72f42785a285340c15c47f1bd39
SSDEEP

768:MApQr0ovdFJI34eGxusOy9Rp1pLeAxoeC48PqK1V:MAaDJlMsh7pWezi

Score

7^/10

Malware Config

Targets

- Target
  
  0c85cd39aa51a9f2a5d75e23db5521e0_NeikiAnalytics.exe
- Size
  
  41KB
- MD5
  
  0c85cd39aa51a9f2a5d75e23db5521e0
- SHA1
  
  f07ba0c56b6273e45d1a5ae35008b20a8853da0a
- SHA256
  
  9bca4db8f2194bd9cf93fbd403d3fa476257ee79400c3a635e021d33022e9bac
- SHA512
  
  cb3bc5b486cf80f389cc78197ef20100fc63ff7a85b80423a52b7c65e756fa35eb1ff12eba47dfed447fb87877904a9617fbc72f42785a285340c15c47f1bd39
- SSDEEP
  
  768:MApQr0ovdFJI34eGxusOy9Rp1pLeAxoeC48PqK1V:MAaDJlMsh7pWezi
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2