3bff2b09b0b2a02cadebb840a8bb7435c5eab5fe85cfbc6c500185f2645e354e | Triage

Sharing

General

Target

6ffb0ebe5e7db285cbc0a55c0a77d9b0_NeikiAnalytics.exe
Size

12KB
Sample

240523-b42r3aha8s
MD5

6ffb0ebe5e7db285cbc0a55c0a77d9b0
SHA1

2092ca285c99f6274196cf3cacf9b3fdb42c17df
SHA256

3bff2b09b0b2a02cadebb840a8bb7435c5eab5fe85cfbc6c500185f2645e354e
SHA512

7b82b35331644d7981d98e220f2d5e306b49b1b387103784a91237e42fd72a70e1c4607dbdb31856d4df659fe011d511711133dc7b2843cb7e44bc9d664778d0
SSDEEP

384:tL7li/2zjq2DcEQvdQcJKLTp/NK9xazK:93MCQ9czK

Score

7^/10

Malware Config

Targets

- Target
  
  6ffb0ebe5e7db285cbc0a55c0a77d9b0_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  6ffb0ebe5e7db285cbc0a55c0a77d9b0
- SHA1
  
  2092ca285c99f6274196cf3cacf9b3fdb42c17df
- SHA256
  
  3bff2b09b0b2a02cadebb840a8bb7435c5eab5fe85cfbc6c500185f2645e354e
- SHA512
  
  7b82b35331644d7981d98e220f2d5e306b49b1b387103784a91237e42fd72a70e1c4607dbdb31856d4df659fe011d511711133dc7b2843cb7e44bc9d664778d0
- SSDEEP
  
  384:tL7li/2zjq2DcEQvdQcJKLTp/NK9xazK:93MCQ9czK
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2