735a47d1309ba80f1a55ff77f0069925f009323eef977104351c60d76bc5fc50 | Triage

Sharing

General

Target

7995552ec5d9ca6284c9c94c7de66710_NeikiAnalytics.exe
Size

12KB
Sample

240526-gyq19sad54
MD5

7995552ec5d9ca6284c9c94c7de66710
SHA1

2620702821bb798f7f5624408238643c5640dc6e
SHA256

735a47d1309ba80f1a55ff77f0069925f009323eef977104351c60d76bc5fc50
SHA512

dffabef87785754800bf053301eaca83ab7b545a8c4f0616df2b324d9eef9407c62d28a42ca2df9ce026e27a36000a5d17e3d75623ca3624e71d68f4ad9cca97
SSDEEP

384:YL7li/2zsKq2DcEQvdhcJKLTp/NK9xaHk9:mgOM/Q9cE9

Score

7^/10

Malware Config

Targets

- Target
  
  7995552ec5d9ca6284c9c94c7de66710_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  7995552ec5d9ca6284c9c94c7de66710
- SHA1
  
  2620702821bb798f7f5624408238643c5640dc6e
- SHA256
  
  735a47d1309ba80f1a55ff77f0069925f009323eef977104351c60d76bc5fc50
- SHA512
  
  dffabef87785754800bf053301eaca83ab7b545a8c4f0616df2b324d9eef9407c62d28a42ca2df9ce026e27a36000a5d17e3d75623ca3624e71d68f4ad9cca97
- SSDEEP
  
  384:YL7li/2zsKq2DcEQvdhcJKLTp/NK9xaHk9:mgOM/Q9cE9
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2