3761a58958c12df556f96abc57016938f2029440986a402399318055fd1ea970 | Triage

Sharing

General

Target

a7bf23f906f6ea2116393fd2cbb66da0_NeikiAnalytics.exe
Size

12KB
Sample

240524-x6hb4agf86
MD5

a7bf23f906f6ea2116393fd2cbb66da0
SHA1

835af6df2b99fa6f5f548ea1a0d62f00cf4728d4
SHA256

3761a58958c12df556f96abc57016938f2029440986a402399318055fd1ea970
SHA512

bffe4b9060f88c9da2e322ee5c3a7fc300346118db2eb9eff49bacfaad6664d52124bfa8f12554f65b52e0f15f5974c13b46a8a5209dd4eab0340c3e43bd6197
SSDEEP

384:nL7li/2zZq2DcEQvdhcJKLTp/NK9xaJw:LxM/Q9cJw

Score

7^/10

Malware Config

Targets

- Target
  
  a7bf23f906f6ea2116393fd2cbb66da0_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  a7bf23f906f6ea2116393fd2cbb66da0
- SHA1
  
  835af6df2b99fa6f5f548ea1a0d62f00cf4728d4
- SHA256
  
  3761a58958c12df556f96abc57016938f2029440986a402399318055fd1ea970
- SHA512
  
  bffe4b9060f88c9da2e322ee5c3a7fc300346118db2eb9eff49bacfaad6664d52124bfa8f12554f65b52e0f15f5974c13b46a8a5209dd4eab0340c3e43bd6197
- SSDEEP
  
  384:nL7li/2zZq2DcEQvdhcJKLTp/NK9xaJw:LxM/Q9cJw
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2