994e4f9ca5f7c8c8f297da812336d39754d3f534cf002a17db4945f073ac9322 | Triage

Sharing

General

Target

543b23ad196e90710523828f65e02330_NeikiAnalytics.exe
Size

531KB
Sample

240522-25p3rscf2s
MD5

543b23ad196e90710523828f65e02330
SHA1

51ca06282738b0f0cfa1c4c8ae63ba62a30346c1
SHA256

994e4f9ca5f7c8c8f297da812336d39754d3f534cf002a17db4945f073ac9322
SHA512

680f6d2e72f251341c9b8e14b026da80c1124bd49eee6f3a66d5cff9ecc6870e2cfd58536a27b5f81c59b3aced657844c5ef830ff4159a9c1ec66c231b58c4c2
SSDEEP

3072:4Cao5s1x1Pkl0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAxl:4qal8l0xPTMiR9JSSxPUKYGdodHe

Score

7^/10

Malware Config

Targets

- Target
  
  543b23ad196e90710523828f65e02330_NeikiAnalytics.exe
- Size
  
  531KB
- MD5
  
  543b23ad196e90710523828f65e02330
- SHA1
  
  51ca06282738b0f0cfa1c4c8ae63ba62a30346c1
- SHA256
  
  994e4f9ca5f7c8c8f297da812336d39754d3f534cf002a17db4945f073ac9322
- SHA512
  
  680f6d2e72f251341c9b8e14b026da80c1124bd49eee6f3a66d5cff9ecc6870e2cfd58536a27b5f81c59b3aced657844c5ef830ff4159a9c1ec66c231b58c4c2
- SSDEEP
  
  3072:4Cao5s1x1Pkl0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAxl:4qal8l0xPTMiR9JSSxPUKYGdodHe
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2