e14efd0ccb02f050e54a3c3fcac1affb6293bbbdba1739db987abc05ae983bda | Triage

Sharing

General

Target

5fe805326563b2a8b6e8d1fcd960ba60_NeikiAnalytics.exe
Size

12KB
Sample

240523-aj6pvaee56
MD5

5fe805326563b2a8b6e8d1fcd960ba60
SHA1

db97b62640d4c6fc6e717918c7add4786582b428
SHA256

e14efd0ccb02f050e54a3c3fcac1affb6293bbbdba1739db987abc05ae983bda
SHA512

ce08f0da8a63dded533544c823d5eb37e83e577ff69093879764898a3d31c4de3068c40ed32f9e60fc313118c289901e1dd037f1dc36910fc36f767bf4c37790
SSDEEP

384:sFL7li/2z+q2DcEQvdQcJKLTp/NK9xaFV:mOMCQ9cFV

Score

7^/10

Malware Config

Targets

- Target
  
  5fe805326563b2a8b6e8d1fcd960ba60_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  5fe805326563b2a8b6e8d1fcd960ba60
- SHA1
  
  db97b62640d4c6fc6e717918c7add4786582b428
- SHA256
  
  e14efd0ccb02f050e54a3c3fcac1affb6293bbbdba1739db987abc05ae983bda
- SHA512
  
  ce08f0da8a63dded533544c823d5eb37e83e577ff69093879764898a3d31c4de3068c40ed32f9e60fc313118c289901e1dd037f1dc36910fc36f767bf4c37790
- SSDEEP
  
  384:sFL7li/2z+q2DcEQvdQcJKLTp/NK9xaFV:mOMCQ9cFV
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2