056de34946d00f03d2c89096c553b216ffc1877a72633f3505a107c6d9cf23a3 | Triage

Sharing

General

Target

39d5548ce0964090f73baec18189bf40_NeikiAnalytics.exe
Size

12KB
Sample

240522-zrzzpsge23
MD5

39d5548ce0964090f73baec18189bf40
SHA1

f480196ffbef0c314c18ba3707a310cba3a43398
SHA256

056de34946d00f03d2c89096c553b216ffc1877a72633f3505a107c6d9cf23a3
SHA512

701476287e84a5ed72ad8d3c9276e71b44cb4ee8a6ebc1607d00bb55c7fefb6b1fd0e852d3e7b9645ef2978805ddc365ffcd747705113c35be2cd8deaeef03e1
SSDEEP

384:+L7li/2zpq2DcEQvdhcJKLTp/NK9xaOn:opM/Q9cOn

Score

7^/10

Malware Config

Targets

- Target
  
  39d5548ce0964090f73baec18189bf40_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  39d5548ce0964090f73baec18189bf40
- SHA1
  
  f480196ffbef0c314c18ba3707a310cba3a43398
- SHA256
  
  056de34946d00f03d2c89096c553b216ffc1877a72633f3505a107c6d9cf23a3
- SHA512
  
  701476287e84a5ed72ad8d3c9276e71b44cb4ee8a6ebc1607d00bb55c7fefb6b1fd0e852d3e7b9645ef2978805ddc365ffcd747705113c35be2cd8deaeef03e1
- SSDEEP
  
  384:+L7li/2zpq2DcEQvdhcJKLTp/NK9xaOn:opM/Q9cOn
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2