025a4b43bc61de48a8be9cbb8bf1dedd37420ec7881f6e0958db120190ba4d8f | Triage

Sharing

General

Target

5186bfca72db50f39f2c1da50a1ed5b0_NeikiAnalytics.exe
Size

12KB
Sample

240524-xm664sfg86
MD5

5186bfca72db50f39f2c1da50a1ed5b0
SHA1

9bb47f95dbd47148701cf3e38e4727adbedddd03
SHA256

025a4b43bc61de48a8be9cbb8bf1dedd37420ec7881f6e0958db120190ba4d8f
SHA512

75f41e8537d3b7225291b787d3cf7c85a04506dbd65c5ce2c45b68d16f8ac7edf079e1483a2c6f8777beaddbd3b343a9bfb7482535750fa9a02e8d5bd175799d
SSDEEP

384:bL7li/2zQq2DcEQvd2cJKLTp/NK9xaHI:P0M8Q9cHI

Score

7^/10

Malware Config

Targets

- Target
  
  5186bfca72db50f39f2c1da50a1ed5b0_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  5186bfca72db50f39f2c1da50a1ed5b0
- SHA1
  
  9bb47f95dbd47148701cf3e38e4727adbedddd03
- SHA256
  
  025a4b43bc61de48a8be9cbb8bf1dedd37420ec7881f6e0958db120190ba4d8f
- SHA512
  
  75f41e8537d3b7225291b787d3cf7c85a04506dbd65c5ce2c45b68d16f8ac7edf079e1483a2c6f8777beaddbd3b343a9bfb7482535750fa9a02e8d5bd175799d
- SSDEEP
  
  384:bL7li/2zQq2DcEQvd2cJKLTp/NK9xaHI:P0M8Q9cHI
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2