c64dbda9ab9d109df837befe993e0c449e75baf2e521fa8b91c7a8586f4aad2a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1d554d00cea464e1fd3c2d8cccad2640_NeikiAnalytics.exe
Size

29KB
Sample

240525-zgf4vahf9z
MD5

1d554d00cea464e1fd3c2d8cccad2640
SHA1

e3666d58f147d3011074924508c0471b34cac99c
SHA256

c64dbda9ab9d109df837befe993e0c449e75baf2e521fa8b91c7a8586f4aad2a
SHA512

08f139ce44043019e485e14f9fa80568550c8c5454d885f6bb57989583f3200bbeed9c897210a014885dffa1ab12ce93e6281873d50bcab0d20c693a6a454ef0
SSDEEP

384:O/HTfut04H5wakydVf/4xQ8uFvTtk4Fe3baIYdh7hEvK76uyWYOvFxLYtt:O/zcJ5Pf/r8urkp3bxHv+6rSvrLwt

Score

7^/10

Malware Config

Targets

- Target
  
  1d554d00cea464e1fd3c2d8cccad2640_NeikiAnalytics.exe
- Size
  
  29KB
- MD5
  
  1d554d00cea464e1fd3c2d8cccad2640
- SHA1
  
  e3666d58f147d3011074924508c0471b34cac99c
- SHA256
  
  c64dbda9ab9d109df837befe993e0c449e75baf2e521fa8b91c7a8586f4aad2a
- SHA512
  
  08f139ce44043019e485e14f9fa80568550c8c5454d885f6bb57989583f3200bbeed9c897210a014885dffa1ab12ce93e6281873d50bcab0d20c693a6a454ef0
- SSDEEP
  
  384:O/HTfut04H5wakydVf/4xQ8uFvTtk4Fe3baIYdh7hEvK76uyWYOvFxLYtt:O/zcJ5Pf/r8urkp3bxHv+6rSvrLwt
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2