abe3767b525b1eb1f438e7f74e001c9b29ef3ce5b58171b4500e197fc17b7e84 | Triage

Sharing

General

Target

3a711f0225c74124c8695d717e5cca50_NeikiAnalytics.exe
Size

523KB
Sample

240522-ztv4jagf25
MD5

3a711f0225c74124c8695d717e5cca50
SHA1

0d2c1c7cfedead8af293504584ce204f47e99af0
SHA256

abe3767b525b1eb1f438e7f74e001c9b29ef3ce5b58171b4500e197fc17b7e84
SHA512

aa60751298f9913358b681a4ce2d7dbc55322002b18b546183e866d0bb1a530d49124ff41df4ed9d784c101592ce8a0b7df9e5eb2acb484cdb89db35e8380d86
SSDEEP

3072:dCaoAs101Pol0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAxJ:dqDAwl0xPTMiR9JSSxPUKYGdodHC

Score

7^/10

Malware Config

Targets

- Target
  
  3a711f0225c74124c8695d717e5cca50_NeikiAnalytics.exe
- Size
  
  523KB
- MD5
  
  3a711f0225c74124c8695d717e5cca50
- SHA1
  
  0d2c1c7cfedead8af293504584ce204f47e99af0
- SHA256
  
  abe3767b525b1eb1f438e7f74e001c9b29ef3ce5b58171b4500e197fc17b7e84
- SHA512
  
  aa60751298f9913358b681a4ce2d7dbc55322002b18b546183e866d0bb1a530d49124ff41df4ed9d784c101592ce8a0b7df9e5eb2acb484cdb89db35e8380d86
- SSDEEP
  
  3072:dCaoAs101Pol0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAxJ:dqDAwl0xPTMiR9JSSxPUKYGdodHC
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2