5e14a9250351a9c93df1f7f80f305a029cbabafaaf0a119f4a7bcd2e75fcd2b6 | Triage

Sharing

General

Target

6cf708817892612db26859889051aba0_NeikiAnalytics.exe
Size

12KB
Sample

240523-bt764age51
MD5

6cf708817892612db26859889051aba0
SHA1

632409296ca72b721ce1a3aa3c50a5846262f88c
SHA256

5e14a9250351a9c93df1f7f80f305a029cbabafaaf0a119f4a7bcd2e75fcd2b6
SHA512

77932f931cd8f377ab8d52287d8db5427e48d2240f8232c4f27967599208337eac8548a4cb761a449577e5213177183caeb33ec24e2b505a318ded185758e0a8
SSDEEP

384:eL7li/2zhq2DcEQvd2cJKLTp/NK9xa1M:IxM8Q9c1M

Score

7^/10

Malware Config

Targets

- Target
  
  6cf708817892612db26859889051aba0_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  6cf708817892612db26859889051aba0
- SHA1
  
  632409296ca72b721ce1a3aa3c50a5846262f88c
- SHA256
  
  5e14a9250351a9c93df1f7f80f305a029cbabafaaf0a119f4a7bcd2e75fcd2b6
- SHA512
  
  77932f931cd8f377ab8d52287d8db5427e48d2240f8232c4f27967599208337eac8548a4cb761a449577e5213177183caeb33ec24e2b505a318ded185758e0a8
- SSDEEP
  
  384:eL7li/2zhq2DcEQvd2cJKLTp/NK9xa1M:IxM8Q9c1M
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2