c9fcc08b9c918dbd323f23dd013f0df0fc2315f65d580261624ca596cbf1edf3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

188027d8b26ed0f32647eddaed451890_NeikiAnalytics.exe
Size

82KB
Sample

240525-yycbjshc48
MD5

188027d8b26ed0f32647eddaed451890
SHA1

5416d02ecd9bfcfa11ea8fbc1fcfbaee83a8545e
SHA256

c9fcc08b9c918dbd323f23dd013f0df0fc2315f65d580261624ca596cbf1edf3
SHA512

2f13224b6caf57ebe51f5b119dc7016f2051d5f42e5f18d089ca4fdc1a0e25507c7d76574e19b9fdf078d34995a183d874ca086219fb78c7d84117100991ac3a
SSDEEP

1536:CZFJTafg3hnfq4yyFBrRyyeBaiRTxRwvru8rb:yFGgRfqI26

Score

7^/10

Malware Config

Targets

- Target
  
  188027d8b26ed0f32647eddaed451890_NeikiAnalytics.exe
- Size
  
  82KB
- MD5
  
  188027d8b26ed0f32647eddaed451890
- SHA1
  
  5416d02ecd9bfcfa11ea8fbc1fcfbaee83a8545e
- SHA256
  
  c9fcc08b9c918dbd323f23dd013f0df0fc2315f65d580261624ca596cbf1edf3
- SHA512
  
  2f13224b6caf57ebe51f5b119dc7016f2051d5f42e5f18d089ca4fdc1a0e25507c7d76574e19b9fdf078d34995a183d874ca086219fb78c7d84117100991ac3a
- SSDEEP
  
  1536:CZFJTafg3hnfq4yyFBrRyyeBaiRTxRwvru8rb:yFGgRfqI26
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2