32d472dc0e7995808e756b30eed90e82f0f12f95e529eeab40b69558e4d236c9 | Triage

Sharing

General

Target

3b797617beaa5235b8072aa61135ec60_NeikiAnalytics.exe
Size

2.7MB
Sample

240522-zxpe6agg52
MD5

3b797617beaa5235b8072aa61135ec60
SHA1

4140377a3e9171e7bb00a3f00e4aa5fb012f1fc0
SHA256

32d472dc0e7995808e756b30eed90e82f0f12f95e529eeab40b69558e4d236c9
SHA512

ea0c8eebb0cb8cbb1bb8e2007e5e583986b81d8d50dfa27079073149f9aaf3845bbb4f58a082be2b676388049c9c4f4c7cc85268a661957419f07b6b5af95e70
SSDEEP

49152:9nvnjz5FTr7wEMP2mQz0qpWTSRkIAo5h4TLbBaoJyL6w6PFObS5CsEXDKN3qL:rF7Y2iSFAM4LZw6423EXONaL

Score

7^/10

Malware Config

Targets

- Target
  
  3b797617beaa5235b8072aa61135ec60_NeikiAnalytics.exe
- Size
  
  2.7MB
- MD5
  
  3b797617beaa5235b8072aa61135ec60
- SHA1
  
  4140377a3e9171e7bb00a3f00e4aa5fb012f1fc0
- SHA256
  
  32d472dc0e7995808e756b30eed90e82f0f12f95e529eeab40b69558e4d236c9
- SHA512
  
  ea0c8eebb0cb8cbb1bb8e2007e5e583986b81d8d50dfa27079073149f9aaf3845bbb4f58a082be2b676388049c9c4f4c7cc85268a661957419f07b6b5af95e70
- SSDEEP
  
  49152:9nvnjz5FTr7wEMP2mQz0qpWTSRkIAo5h4TLbBaoJyL6w6PFObS5CsEXDKN3qL:rF7Y2iSFAM4LZw6423EXONaL
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2