965f283fd8b82e737109499811f5735781a10fb423ced4c387578c6d336f7dc9 | Triage

Sharing

General

Target

683e551837bbd87011342a6cc5265a30_NeikiAnalytics.exe
Size

12KB
Sample

240523-bdl9paff8v
MD5

683e551837bbd87011342a6cc5265a30
SHA1

360bf01eefbb719f67495e4ffbceb251157921ff
SHA256

965f283fd8b82e737109499811f5735781a10fb423ced4c387578c6d336f7dc9
SHA512

46ba045fec254862c6f459229c14b2df9a10ca6eca3afb040fc58376c0567b7e6a1e9435fdcab6b69c3781b6e34405dc13b5a9e7a4ab895b0b86aadffb82bc6d
SSDEEP

384:DL7li/2zDq2DcEQvdhcJKLTp/NK9xa4b:H/M/Q9c4b

Score

7^/10

Malware Config

Targets

- Target
  
  683e551837bbd87011342a6cc5265a30_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  683e551837bbd87011342a6cc5265a30
- SHA1
  
  360bf01eefbb719f67495e4ffbceb251157921ff
- SHA256
  
  965f283fd8b82e737109499811f5735781a10fb423ced4c387578c6d336f7dc9
- SHA512
  
  46ba045fec254862c6f459229c14b2df9a10ca6eca3afb040fc58376c0567b7e6a1e9435fdcab6b69c3781b6e34405dc13b5a9e7a4ab895b0b86aadffb82bc6d
- SSDEEP
  
  384:DL7li/2zDq2DcEQvdhcJKLTp/NK9xa4b:H/M/Q9c4b
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2