1f157098b3e1cba143584fbf624feafdf5d5883850fc6d03194cbf4ffd908239 | Triage

Sharing

General

Target

3b17c569ed4a7896428d110fd9e95800_NeikiAnalytics.exe
Size

12KB
Sample

240524-zpkf8sag3s
MD5

3b17c569ed4a7896428d110fd9e95800
SHA1

da7a0f7ab0ebe89e50253bb0b1ae18bd7e6a83e4
SHA256

1f157098b3e1cba143584fbf624feafdf5d5883850fc6d03194cbf4ffd908239
SHA512

1a977e6c5074dd81e87081a0c78ffa5a39bf53153b16c85a7087f4e2ff56c6f29f2486da028839b06b4fb56f2c961ce64277eb967bb04a2e87a40e745b21b5a7
SSDEEP

384:9L7li/2zvq2DcEQvdhcJKLTp/NK9xai2:tLM/Q9ci2

Score

7^/10

Malware Config

Targets

- Target
  
  3b17c569ed4a7896428d110fd9e95800_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  3b17c569ed4a7896428d110fd9e95800
- SHA1
  
  da7a0f7ab0ebe89e50253bb0b1ae18bd7e6a83e4
- SHA256
  
  1f157098b3e1cba143584fbf624feafdf5d5883850fc6d03194cbf4ffd908239
- SHA512
  
  1a977e6c5074dd81e87081a0c78ffa5a39bf53153b16c85a7087f4e2ff56c6f29f2486da028839b06b4fb56f2c961ce64277eb967bb04a2e87a40e745b21b5a7
- SSDEEP
  
  384:9L7li/2zvq2DcEQvdhcJKLTp/NK9xai2:tLM/Q9ci2
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2