1540f97f834bf6dee5f9cfda5f28118a818c83797cc25a0ab5fdd6b8e5121895 | Triage

Sharing

General

Target

64853647d347ccf713aea3848ecd39e0_NeikiAnalytics.exe
Size

12KB
Sample

240523-a2t4rsfb4y
MD5

64853647d347ccf713aea3848ecd39e0
SHA1

f5fac8cf5799c68eeef92ec62e4425980f7f7bb1
SHA256

1540f97f834bf6dee5f9cfda5f28118a818c83797cc25a0ab5fdd6b8e5121895
SHA512

3bd39d14e4eaa45600e6b010274fa972cc96aab136c5088947cee0bcdd6ec944ea124f8cbfe6219584c20a0af39929acdf36e52f19e49d3c9a87a8d71ca62162
SSDEEP

384:jL7li/2zlq2DcEQvdQcJKLTp/NK9xaHy:nlMCQ9cHy

Score

7^/10

Malware Config

Targets

- Target
  
  64853647d347ccf713aea3848ecd39e0_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  64853647d347ccf713aea3848ecd39e0
- SHA1
  
  f5fac8cf5799c68eeef92ec62e4425980f7f7bb1
- SHA256
  
  1540f97f834bf6dee5f9cfda5f28118a818c83797cc25a0ab5fdd6b8e5121895
- SHA512
  
  3bd39d14e4eaa45600e6b010274fa972cc96aab136c5088947cee0bcdd6ec944ea124f8cbfe6219584c20a0af39929acdf36e52f19e49d3c9a87a8d71ca62162
- SSDEEP
  
  384:jL7li/2zlq2DcEQvdQcJKLTp/NK9xaHy:nlMCQ9cHy
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2