4c0c42a63f265c497eb03ffc744660a681f7c971b779c339978956b29af4df0a | Triage

Sharing

General

Target

610f05f69d77517ed3a578525581b810_NeikiAnalytics.exe
Size

12KB
Sample

240523-ann1laee61
MD5

610f05f69d77517ed3a578525581b810
SHA1

934e0e6e1be367598d0a185fe86e7caad26706d6
SHA256

4c0c42a63f265c497eb03ffc744660a681f7c971b779c339978956b29af4df0a
SHA512

6c66e42ad8bba3809b89ae54c42b26bcb8aca2f6b457d9b0ba20a18f35ca466c03726334317debeae5bf38970518d3476809edbb9c72b09dbdc8cb2310da0090
SSDEEP

384:fL7li/2zWq2DcEQvdhcJKLTp/NK9xav5:T2M/Q9cv5

Score

7^/10

Malware Config

Targets

- Target
  
  610f05f69d77517ed3a578525581b810_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  610f05f69d77517ed3a578525581b810
- SHA1
  
  934e0e6e1be367598d0a185fe86e7caad26706d6
- SHA256
  
  4c0c42a63f265c497eb03ffc744660a681f7c971b779c339978956b29af4df0a
- SHA512
  
  6c66e42ad8bba3809b89ae54c42b26bcb8aca2f6b457d9b0ba20a18f35ca466c03726334317debeae5bf38970518d3476809edbb9c72b09dbdc8cb2310da0090
- SSDEEP
  
  384:fL7li/2zWq2DcEQvdhcJKLTp/NK9xav5:T2M/Q9cv5
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2