4c9ee97549c688f88cb2cbbbcc0d9e9c5a637e36c9cdea1fa66403f92f78cc27 | Triage

Sharing

General

Target

5dd1818c9d8aba19127024e1618337b0_NeikiAnalytics.exe
Size

12KB
Sample

240523-aa7wjseb62
MD5

5dd1818c9d8aba19127024e1618337b0
SHA1

b2649530ffc6f7e08f14b36af2341e13184744ed
SHA256

4c9ee97549c688f88cb2cbbbcc0d9e9c5a637e36c9cdea1fa66403f92f78cc27
SHA512

37927eab99b6f1fa5d1ede6bdd99764a060129a4a45e465645a8e0ae6bbcf340f7c669f5a45b076324d2a2eab526868cb1a3ecb049f92bc18f9191e195ebb1d4
SSDEEP

384:JL7li/2zpq2DcEQvdQcJKLTp/NK9xa5V:5ZMCQ9c5V

Score

7^/10

Malware Config

Targets

- Target
  
  5dd1818c9d8aba19127024e1618337b0_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  5dd1818c9d8aba19127024e1618337b0
- SHA1
  
  b2649530ffc6f7e08f14b36af2341e13184744ed
- SHA256
  
  4c9ee97549c688f88cb2cbbbcc0d9e9c5a637e36c9cdea1fa66403f92f78cc27
- SHA512
  
  37927eab99b6f1fa5d1ede6bdd99764a060129a4a45e465645a8e0ae6bbcf340f7c669f5a45b076324d2a2eab526868cb1a3ecb049f92bc18f9191e195ebb1d4
- SSDEEP
  
  384:JL7li/2zpq2DcEQvdQcJKLTp/NK9xa5V:5ZMCQ9c5V
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2