830d4ddf8ab2088b9f43e85c5b3a2577099ce00300c9d63bad84d903eb409e8d | Triage

Sharing

General

Target

47cc7c3f6cadc10262a0ffeb89463f00_NeikiAnalytics.exe
Size

96KB
Sample

240526-bqsbgahf5w
MD5

47cc7c3f6cadc10262a0ffeb89463f00
SHA1

c73e07f5844490b38d8914983438a804eec5e3f6
SHA256

830d4ddf8ab2088b9f43e85c5b3a2577099ce00300c9d63bad84d903eb409e8d
SHA512

27414778bff7c93dc291c7871550cb9830219d4c38b6c0d21239878e5a0c6c263ab729543a6c893e0a431b95c3c52bc98685064b580844fe423a966d26dfa02d
SSDEEP

768:eo4JA5MDfBnURLQ/JD60XDeVtA5YwmHwWW2icNe78ljNZQcycU:e8M1IQ/JDHKa5EJWceYljNZQyU

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  47cc7c3f6cadc10262a0ffeb89463f00_NeikiAnalytics.exe
- Size
  
  96KB
- MD5
  
  47cc7c3f6cadc10262a0ffeb89463f00
- SHA1
  
  c73e07f5844490b38d8914983438a804eec5e3f6
- SHA256
  
  830d4ddf8ab2088b9f43e85c5b3a2577099ce00300c9d63bad84d903eb409e8d
- SHA512
  
  27414778bff7c93dc291c7871550cb9830219d4c38b6c0d21239878e5a0c6c263ab729543a6c893e0a431b95c3c52bc98685064b580844fe423a966d26dfa02d
- SSDEEP
  
  768:eo4JA5MDfBnURLQ/JD60XDeVtA5YwmHwWW2icNe78ljNZQcycU:e8M1IQ/JDHKa5EJWceYljNZQyU
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence