270f8e6e7e7cb713e5ad808daca88b8c59a05b0a302e2320c04863024e37f6e9 | Triage

Sharing

General

Target

77890f1b96a9bd5cf6543c35f1f60240_NeikiAnalytics.exe
Size

26KB
Sample

240523-cwat2saf93
MD5

77890f1b96a9bd5cf6543c35f1f60240
SHA1

c73e42743a9a2d2bd4a90bfd37b7370d730ff8a6
SHA256

270f8e6e7e7cb713e5ad808daca88b8c59a05b0a302e2320c04863024e37f6e9
SHA512

53226b905e11abf37e7b20a033d78b875333c197231956934a4640f69fd92b3d7e90c7f03ea53f8cc04a68c6ce91d6adcfe046e561afe6ec314dfef50816470d
SSDEEP

384:WQoEmqWUIncBpEzjvehWtFx7UJxlfS+Ui0MX97nw:WQEqsncbKjW8tz7axlfSri/Xxw

Score

7^/10

Malware Config

Targets

- Target
  
  77890f1b96a9bd5cf6543c35f1f60240_NeikiAnalytics.exe
- Size
  
  26KB
- MD5
  
  77890f1b96a9bd5cf6543c35f1f60240
- SHA1
  
  c73e42743a9a2d2bd4a90bfd37b7370d730ff8a6
- SHA256
  
  270f8e6e7e7cb713e5ad808daca88b8c59a05b0a302e2320c04863024e37f6e9
- SHA512
  
  53226b905e11abf37e7b20a033d78b875333c197231956934a4640f69fd92b3d7e90c7f03ea53f8cc04a68c6ce91d6adcfe046e561afe6ec314dfef50816470d
- SSDEEP
  
  384:WQoEmqWUIncBpEzjvehWtFx7UJxlfS+Ui0MX97nw:WQEqsncbKjW8tz7axlfSri/Xxw
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2