General

  • Target

    5dd1818c9d8aba19127024e1618337b0_NeikiAnalytics.exe

  • Size

    12KB

  • Sample

    240523-aa7wjseb62

  • MD5

    5dd1818c9d8aba19127024e1618337b0

  • SHA1

    b2649530ffc6f7e08f14b36af2341e13184744ed

  • SHA256

    4c9ee97549c688f88cb2cbbbcc0d9e9c5a637e36c9cdea1fa66403f92f78cc27

  • SHA512

    37927eab99b6f1fa5d1ede6bdd99764a060129a4a45e465645a8e0ae6bbcf340f7c669f5a45b076324d2a2eab526868cb1a3ecb049f92bc18f9191e195ebb1d4

  • SSDEEP

    384:JL7li/2zpq2DcEQvdQcJKLTp/NK9xa5V:5ZMCQ9c5V

Score
7/10

Malware Config

Targets

    • Target

      5dd1818c9d8aba19127024e1618337b0_NeikiAnalytics.exe

    • Size

      12KB

    • MD5

      5dd1818c9d8aba19127024e1618337b0

    • SHA1

      b2649530ffc6f7e08f14b36af2341e13184744ed

    • SHA256

      4c9ee97549c688f88cb2cbbbcc0d9e9c5a637e36c9cdea1fa66403f92f78cc27

    • SHA512

      37927eab99b6f1fa5d1ede6bdd99764a060129a4a45e465645a8e0ae6bbcf340f7c669f5a45b076324d2a2eab526868cb1a3ecb049f92bc18f9191e195ebb1d4

    • SSDEEP

      384:JL7li/2zpq2DcEQvdQcJKLTp/NK9xa5V:5ZMCQ9c5V

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

MITRE ATT&CK Enterprise v15

Tasks