8c9377033e8bf44f8b296897ff9f65741257ab338a572b816da381b589f0ac71 | Triage

Sharing

General

Target

4e09117175550c67584f2f757d28f290_NeikiAnalytics.exe
Size

1.9MB
Sample

240522-2kdt1abf93
MD5

4e09117175550c67584f2f757d28f290
SHA1

cd13a2a360fa85f5fb715ced44c90a70208bee70
SHA256

8c9377033e8bf44f8b296897ff9f65741257ab338a572b816da381b589f0ac71
SHA512

a20f62d2db83ac05f93e366043ef0f64f527e39486dfdfce688a158f0ab01c55a26b917c624ae084c7927be3d2441e55e3e71ac7e25d9afdb849eb1beebdf219
SSDEEP

6144:2BDHmrz4niNy8o3Zp/TWt+g4RQTDUBO8/2vh+ziDV8m56TBac2Guc:wDHmoniNy8L8g4RgoBO8/2vhDX56Tf

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  4e09117175550c67584f2f757d28f290_NeikiAnalytics.exe
- Size
  
  1.9MB
- MD5
  
  4e09117175550c67584f2f757d28f290
- SHA1
  
  cd13a2a360fa85f5fb715ced44c90a70208bee70
- SHA256
  
  8c9377033e8bf44f8b296897ff9f65741257ab338a572b816da381b589f0ac71
- SHA512
  
  a20f62d2db83ac05f93e366043ef0f64f527e39486dfdfce688a158f0ab01c55a26b917c624ae084c7927be3d2441e55e3e71ac7e25d9afdb849eb1beebdf219
- SSDEEP
  
  6144:2BDHmrz4niNy8o3Zp/TWt+g4RQTDUBO8/2vh+ziDV8m56TBac2Guc:wDHmoniNy8L8g4RgoBO8/2vhDX56Tf
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2