7bb786dd5f0da1696681bcbd0b7e5ad2af7a6da0566f522ed05ded5fa96b9f60 | Triage

Sharing

General

Target

69075e83b1b2ee065250cd1cadab9af0_NeikiAnalytics.exe
Size

65KB
Sample

240523-k9rnqabg57
MD5

69075e83b1b2ee065250cd1cadab9af0
SHA1

4df25c38db443c410a4c946220b5a6f605eb5734
SHA256

7bb786dd5f0da1696681bcbd0b7e5ad2af7a6da0566f522ed05ded5fa96b9f60
SHA512

bd3f42ca7b37a1f2d0734faabc381de8943a410932cb887debfdedb041870a28b32c8e1ac91ed2c1599051461cd2473042b5d74a848f3166fe702d305d3ec859
SSDEEP

1536:jxNVzn66kD6WNpNokpkJc6coO4WLZAtVEpfisArCSp7lknnqPZgG4zAIzZhoDhoY:jx3m6KDNpNokpkJc6coO4WLZAtVEpfiR

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  69075e83b1b2ee065250cd1cadab9af0_NeikiAnalytics.exe
- Size
  
  65KB
- MD5
  
  69075e83b1b2ee065250cd1cadab9af0
- SHA1
  
  4df25c38db443c410a4c946220b5a6f605eb5734
- SHA256
  
  7bb786dd5f0da1696681bcbd0b7e5ad2af7a6da0566f522ed05ded5fa96b9f60
- SHA512
  
  bd3f42ca7b37a1f2d0734faabc381de8943a410932cb887debfdedb041870a28b32c8e1ac91ed2c1599051461cd2473042b5d74a848f3166fe702d305d3ec859
- SSDEEP
  
  1536:jxNVzn66kD6WNpNokpkJc6coO4WLZAtVEpfisArCSp7lknnqPZgG4zAIzZhoDhoY:jx3m6KDNpNokpkJc6coO4WLZAtVEpfiR
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan