3deaec794b01e29a75c4564f54a8e77be9586a0c4ebfe121020537afc75f115e | Triage

Sharing

General

Target

0d1cc2731340f812debaa24b8af490f0_NeikiAnalytics.exe
Size

12KB
Sample

240521-znlb5sab71
MD5

0d1cc2731340f812debaa24b8af490f0
SHA1

4ac074c6d034b02d3b8432138b34dcd4b6caf3ca
SHA256

3deaec794b01e29a75c4564f54a8e77be9586a0c4ebfe121020537afc75f115e
SHA512

24d4e1cd126fd75c020beeda0ce532a3019b21584acf093bb77e038df999a15a42d3a5023bb8f4361458b0cf97da7a0719b8f0d367bccaa19799f4531c5a037f
SSDEEP

384:DL7li/2zRq2DcEQvdQcJKLTp/NK9xanv:HhMCQ9cnv

Score

7^/10

Malware Config

Targets

- Target
  
  0d1cc2731340f812debaa24b8af490f0_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  0d1cc2731340f812debaa24b8af490f0
- SHA1
  
  4ac074c6d034b02d3b8432138b34dcd4b6caf3ca
- SHA256
  
  3deaec794b01e29a75c4564f54a8e77be9586a0c4ebfe121020537afc75f115e
- SHA512
  
  24d4e1cd126fd75c020beeda0ce532a3019b21584acf093bb77e038df999a15a42d3a5023bb8f4361458b0cf97da7a0719b8f0d367bccaa19799f4531c5a037f
- SSDEEP
  
  384:DL7li/2zRq2DcEQvdQcJKLTp/NK9xanv:HhMCQ9cnv
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2