77d8effb48e17967be15e01e79c94918fc511886421d8a49c498740248336250 | Triage

Sharing

General

Target

4aed43aaf96bb52379e121f531bff450_NeikiAnalytics.exe
Size

12KB
Sample

240522-2aecsabc24
MD5

4aed43aaf96bb52379e121f531bff450
SHA1

ce41377b9d98a35b484ddaafaa6467a2ebfc1902
SHA256

77d8effb48e17967be15e01e79c94918fc511886421d8a49c498740248336250
SHA512

13d0fdb7732e67ab1de658a1a093ac965f101b61fc3f77df1ceddb200ea454d5e99f38a7141040e4bcb9fdfaeb03bb9ccb5f5a1c92a192a965c3e43f27342613
SSDEEP

384:YL7li/2z/q2DcEQvdQcJKLTp/NK9xa0j:mrMCQ9c0j

Score

7^/10

Malware Config

Targets

- Target
  
  4aed43aaf96bb52379e121f531bff450_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  4aed43aaf96bb52379e121f531bff450
- SHA1
  
  ce41377b9d98a35b484ddaafaa6467a2ebfc1902
- SHA256
  
  77d8effb48e17967be15e01e79c94918fc511886421d8a49c498740248336250
- SHA512
  
  13d0fdb7732e67ab1de658a1a093ac965f101b61fc3f77df1ceddb200ea454d5e99f38a7141040e4bcb9fdfaeb03bb9ccb5f5a1c92a192a965c3e43f27342613
- SSDEEP
  
  384:YL7li/2z/q2DcEQvdQcJKLTp/NK9xa0j:mrMCQ9c0j
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2