8e8ec620c9d54c70f3c6e8529e06496b3595fe11d3ff65faab8ca1f081a488e9 | Triage

Sharing

General

Target

5d8b5b577a3e502a41c81bb3fa0ec520_NeikiAnalytics.exe
Size

12KB
Sample

240522-31z8lsea2v
MD5

5d8b5b577a3e502a41c81bb3fa0ec520
SHA1

f40dfeaf876e329194d691bec858b5295fa84e18
SHA256

8e8ec620c9d54c70f3c6e8529e06496b3595fe11d3ff65faab8ca1f081a488e9
SHA512

9980f120922ab8386cb6f1db583af32378acaecd2df40e93eb4ffda68da97b9108a63b349c366cd9ac1e146a214c4df35c3ccf4a90d83ff53ca4f8385d7ff7fb
SSDEEP

384:3L7li/2zzq2DcEQvdQcJKLTp/NK9xalY:7fMCQ9clY

Score

7^/10

Malware Config

Targets

- Target
  
  5d8b5b577a3e502a41c81bb3fa0ec520_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  5d8b5b577a3e502a41c81bb3fa0ec520
- SHA1
  
  f40dfeaf876e329194d691bec858b5295fa84e18
- SHA256
  
  8e8ec620c9d54c70f3c6e8529e06496b3595fe11d3ff65faab8ca1f081a488e9
- SHA512
  
  9980f120922ab8386cb6f1db583af32378acaecd2df40e93eb4ffda68da97b9108a63b349c366cd9ac1e146a214c4df35c3ccf4a90d83ff53ca4f8385d7ff7fb
- SSDEEP
  
  384:3L7li/2zzq2DcEQvdQcJKLTp/NK9xalY:7fMCQ9clY
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2