ba4ff14179bb978398ee5369218e3523f0ebcdd3ab687a2373bb407a00de0616 | Triage

Sharing

General

Target

35c9a14d09a92bd10310b933e49f4be0_NeikiAnalytics.exe
Size

12KB
Sample

240522-zdxx7afg68
MD5

35c9a14d09a92bd10310b933e49f4be0
SHA1

178588821c7f2966f0822db248f2d4bfa3a1d8ef
SHA256

ba4ff14179bb978398ee5369218e3523f0ebcdd3ab687a2373bb407a00de0616
SHA512

64342406baa8569364da799dffe695fc21d0e229144581a78a1785656a7a007e580821aeac26950c8c34ff7d837b0707bce677ce7a51c82a2dcd74916a6fbc18
SSDEEP

384:pL7li/2zZq2DcEQvdQcJKLTp/NK9xaZH:ZpMCQ9cZH

Score

7^/10

Malware Config

Targets

- Target
  
  35c9a14d09a92bd10310b933e49f4be0_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  35c9a14d09a92bd10310b933e49f4be0
- SHA1
  
  178588821c7f2966f0822db248f2d4bfa3a1d8ef
- SHA256
  
  ba4ff14179bb978398ee5369218e3523f0ebcdd3ab687a2373bb407a00de0616
- SHA512
  
  64342406baa8569364da799dffe695fc21d0e229144581a78a1785656a7a007e580821aeac26950c8c34ff7d837b0707bce677ce7a51c82a2dcd74916a6fbc18
- SSDEEP
  
  384:pL7li/2zZq2DcEQvdQcJKLTp/NK9xaZH:ZpMCQ9cZH
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2