9d373a45f358b608ac0052d825f7b4fad536ef4eb545740bc5529f4823c84653 | Triage

Sharing

General

Target

2e32a3b911c4e7bff6b2351dfc3b93d0_NeikiAnalytics.exe
Size

12KB
Sample

240525-2qqezsdc6v
MD5

2e32a3b911c4e7bff6b2351dfc3b93d0
SHA1

0cf83f81471221bf62938d29dfb82e4e94039ddf
SHA256

9d373a45f358b608ac0052d825f7b4fad536ef4eb545740bc5529f4823c84653
SHA512

f92edd42b4b85631b8a694b53464b144d601ca87aa87eea010134b68ccddc79b17f77e540b8f4842d58c9e95a85d78bb3c6fe08fc04de5be4c7288e25f1ff2e4
SSDEEP

384:wL7li/2z0q2DcEQvdhcJKLTp/NK9xaXU:uoM/Q9cXU

Score

7^/10

Malware Config

Targets

- Target
  
  2e32a3b911c4e7bff6b2351dfc3b93d0_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  2e32a3b911c4e7bff6b2351dfc3b93d0
- SHA1
  
  0cf83f81471221bf62938d29dfb82e4e94039ddf
- SHA256
  
  9d373a45f358b608ac0052d825f7b4fad536ef4eb545740bc5529f4823c84653
- SHA512
  
  f92edd42b4b85631b8a694b53464b144d601ca87aa87eea010134b68ccddc79b17f77e540b8f4842d58c9e95a85d78bb3c6fe08fc04de5be4c7288e25f1ff2e4
- SSDEEP
  
  384:wL7li/2z0q2DcEQvdhcJKLTp/NK9xaXU:uoM/Q9cXU
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2