General

  • Target

    5891cb6e42779d9714fbbca721d04250_NeikiAnalytics.exe

  • Size

    530KB

  • Sample

    240522-3jfsmsdc79

  • MD5

    5891cb6e42779d9714fbbca721d04250

  • SHA1

    c0e275437667efcb8da256a798b068aa00c76e1a

  • SHA256

    1bfc66c741f83296c7f97c22634f97a2091ba602bc32f84e6df9d79873224c4b

  • SHA512

    8621053f3a666dc5806ec13d6c03ca4de3c984e26af8459174443b8813aa8bab6216c012d851e00e4ebed4b046d1e4df95b0a43f52ba3faea176fd90987b4ca4

  • SSDEEP

    3072:8CaoAs101Pol0xPTM7mRCAdJSSxPUkl3V4Vh1q+MQTCk/dN92sdNhavtrVdewnAt:8qDAwl0xPTMiR9JSSxPUKuqododHYl

Score
7/10

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Matrix (ATT&CK v13)

Discovery

  • Query Registry (T1012): 1

  • System Information Discovery (T1082): 2

Tasks