4dc6f9282a97c52a9af0e87a157e0e9e1187e9203180d098f3e547dcd8bd24d4 | Triage

Sharing

General

Target

1ead623bd8ae074d4fd3b309af725030_NeikiAnalytics.exe
Size

562KB
Sample

240527-ex8tksgh72
MD5

1ead623bd8ae074d4fd3b309af725030
SHA1

3b13fcd0c4ce56dfefcc969597c21a01deae8f32
SHA256

4dc6f9282a97c52a9af0e87a157e0e9e1187e9203180d098f3e547dcd8bd24d4
SHA512

f1bb305217307cd452330f33ba402f74df8e46e30c3cc11618a1a3f50324f052621adb1d17d29f78494b1ba95fc086495f7d28d065ad0c1986e2213902d7f955
SSDEEP

3072:XCaoAs101Pol0xPTM7mRCAdJSSxPUkl3V4Vh1q+MQTCk/dN92sdNhavtrVdewnAW:XqDAwl0xPTMiR9JSSxPUKuqododHYO

Score

7^/10

Malware Config

Targets

- Target
  
  1ead623bd8ae074d4fd3b309af725030_NeikiAnalytics.exe
- Size
  
  562KB
- MD5
  
  1ead623bd8ae074d4fd3b309af725030
- SHA1
  
  3b13fcd0c4ce56dfefcc969597c21a01deae8f32
- SHA256
  
  4dc6f9282a97c52a9af0e87a157e0e9e1187e9203180d098f3e547dcd8bd24d4
- SHA512
  
  f1bb305217307cd452330f33ba402f74df8e46e30c3cc11618a1a3f50324f052621adb1d17d29f78494b1ba95fc086495f7d28d065ad0c1986e2213902d7f955
- SSDEEP
  
  3072:XCaoAs101Pol0xPTM7mRCAdJSSxPUkl3V4Vh1q+MQTCk/dN92sdNhavtrVdewnAW:XqDAwl0xPTMiR9JSSxPUKuqododHYO
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2