57825a7159ffc039e603df819537cc86b22c8dabd6ae377e1947d303fa4a435c | Triage

Sharing

General

Target

587c174ab3f3747cd6d8c0e310d1fc10_NeikiAnalytics.exe
Size

12KB
Sample

240522-3h1fnadc64
MD5

587c174ab3f3747cd6d8c0e310d1fc10
SHA1

8c44a280f87d939c15390b830daa8b85cb0177d1
SHA256

57825a7159ffc039e603df819537cc86b22c8dabd6ae377e1947d303fa4a435c
SHA512

3c6b5f1011293f48f14d6556d040000aa909b13c4b91e81b4fa4a1cbca1ce169b923fc89d581b4279ea6992d880609d129f36ef48af1c6f02ad159bf10ba54fe
SSDEEP

384:lL7li/2zTq2DcEQvdQcJKLTp/NK9xam/:l/MCQ9cm/

Score

7^/10

Malware Config

Targets

- Target
  
  587c174ab3f3747cd6d8c0e310d1fc10_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  587c174ab3f3747cd6d8c0e310d1fc10
- SHA1
  
  8c44a280f87d939c15390b830daa8b85cb0177d1
- SHA256
  
  57825a7159ffc039e603df819537cc86b22c8dabd6ae377e1947d303fa4a435c
- SHA512
  
  3c6b5f1011293f48f14d6556d040000aa909b13c4b91e81b4fa4a1cbca1ce169b923fc89d581b4279ea6992d880609d129f36ef48af1c6f02ad159bf10ba54fe
- SSDEEP
  
  384:lL7li/2zTq2DcEQvdQcJKLTp/NK9xam/:l/MCQ9cm/
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2