8a48a7111f63b5e96b09ba8f1b7e27b0ad7f3acd157b1a3bb9984c6d6c0c4500 | Triage

Sharing

General

Target

140bb9e967f15182f0b6b4446615e790_NeikiAnalytics.exe
Size

12KB
Sample

240522-ch3b5sha91
MD5

140bb9e967f15182f0b6b4446615e790
SHA1

75f56daceed685ede96cd7eeb5d9409dff9db37e
SHA256

8a48a7111f63b5e96b09ba8f1b7e27b0ad7f3acd157b1a3bb9984c6d6c0c4500
SHA512

7a8b9e597086059efa5038a7f28d6d665d080602559da78775376a0849c72daa3a2c3cda5a6b1bfc4dd14bb198d2e4ec2012f167a3f11a37e9d937928d4c20ea
SSDEEP

384:BL7li/2zBq2DcEQvdhcJKLTp/NK9xayI:hhM/Q9cyI

Score

7^/10

Malware Config

Targets

- Target
  
  140bb9e967f15182f0b6b4446615e790_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  140bb9e967f15182f0b6b4446615e790
- SHA1
  
  75f56daceed685ede96cd7eeb5d9409dff9db37e
- SHA256
  
  8a48a7111f63b5e96b09ba8f1b7e27b0ad7f3acd157b1a3bb9984c6d6c0c4500
- SHA512
  
  7a8b9e597086059efa5038a7f28d6d665d080602559da78775376a0849c72daa3a2c3cda5a6b1bfc4dd14bb198d2e4ec2012f167a3f11a37e9d937928d4c20ea
- SSDEEP
  
  384:BL7li/2zBq2DcEQvdhcJKLTp/NK9xayI:hhM/Q9cyI
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2