General

  • Target

    5430912b5e0babca8426a2defbe5df30_NeikiAnalytics.exe

  • Size

    12KB

  • Sample

    240522-25h98ace9t

  • MD5

    5430912b5e0babca8426a2defbe5df30

  • SHA1

    83097dbc256d389977ec4167f8349c13b1cc8796

  • SHA256

    d31ad3018fc3d309e862d5bdadd979716b030d414c0e593938e84c3fbf663096

  • SHA512

    00d1a16a5b6d346d63a9370b45ab16c7c0685efe4b14256d0ec05ea29c1f0bf1cb7d4f2d2f5e764fb5026cae7527be5ee4fce3034123e2e9e4f7e0aad8b330e7

  • SSDEEP

    384:cL7li/2zKq2DcEQvdQcJKLTp/NK9xams:6aMCQ9cms

Score
7/10

Malware Config

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

MITRE ATT&CK Matrix (ATT&CK v13)

Execution

  • Scripting (T1064): 1

Defense Evasion

  • Scripting (T1064): 1

Discovery

  • Query Registry (T1012): 1

  • System Information Discovery (T1082): 2

Tasks