7b6e04f42945bfcbaf030e10e7a9f1bf8d13957ac3344717ee902326ededad44 | Triage

Sharing

General

Target

4d3a867c1ce25b918dc4fa45136a2b40_NeikiAnalytics.exe
Size

316KB
Sample

240522-2gx4gabe98
MD5

4d3a867c1ce25b918dc4fa45136a2b40
SHA1

d8e6aeba24399861a646f318575ea01fa11f1db8
SHA256

7b6e04f42945bfcbaf030e10e7a9f1bf8d13957ac3344717ee902326ededad44
SHA512

23e4edc3a0cbd22537d42d7704ef386dd4379508058e03e6e1cdea248159ded17abf5c171fce16f6476b3c080695e1a5acd71815dfe72f40a50373b96b2d3f3b
SSDEEP

3072:mYUb5QoJ4g+LsP9iGqT8ZjKIz1ZdW4SrOLVSVpe1GhpSBfmy:mY699qT8hKSZI4zLVSVpe1GvOff

Score

7^/10

Malware Config

Targets

- Target
  
  4d3a867c1ce25b918dc4fa45136a2b40_NeikiAnalytics.exe
- Size
  
  316KB
- MD5
  
  4d3a867c1ce25b918dc4fa45136a2b40
- SHA1
  
  d8e6aeba24399861a646f318575ea01fa11f1db8
- SHA256
  
  7b6e04f42945bfcbaf030e10e7a9f1bf8d13957ac3344717ee902326ededad44
- SHA512
  
  23e4edc3a0cbd22537d42d7704ef386dd4379508058e03e6e1cdea248159ded17abf5c171fce16f6476b3c080695e1a5acd71815dfe72f40a50373b96b2d3f3b
- SSDEEP
  
  3072:mYUb5QoJ4g+LsP9iGqT8ZjKIz1ZdW4SrOLVSVpe1GhpSBfmy:mY699qT8hKSZI4zLVSVpe1GvOff
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2