8e5835c157f592744a72a5ad222497ed23a02aacf243fcba49b5ae83add878c3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

235252db5d64931a529eb28ca8fde390_NeikiAnalytics.exe
Size

31KB
Sample

240527-hjkrdacc82
MD5

235252db5d64931a529eb28ca8fde390
SHA1

bc648cb220c1540293b6ecf45c23482be72d9275
SHA256

8e5835c157f592744a72a5ad222497ed23a02aacf243fcba49b5ae83add878c3
SHA512

b32072c513aed08634987a56288bc32f0192cfa5aa266bfcb2388029fa6c0bc8df09e5cc66e597cf83ac0e6d4f38d9b1270698d3eed938f9f03490c58f63576f
SSDEEP

192:KlApk98m4e0/IDJh/5ZQcvoyne4t/PQ3Pw1C0SluWbiWBNEckcVhJriE/mB1:MApc8m4e0GvQak4JI341C0abnk6hJPi

Score

7^/10

Malware Config

Targets

- Target
  
  235252db5d64931a529eb28ca8fde390_NeikiAnalytics.exe
- Size
  
  31KB
- MD5
  
  235252db5d64931a529eb28ca8fde390
- SHA1
  
  bc648cb220c1540293b6ecf45c23482be72d9275
- SHA256
  
  8e5835c157f592744a72a5ad222497ed23a02aacf243fcba49b5ae83add878c3
- SHA512
  
  b32072c513aed08634987a56288bc32f0192cfa5aa266bfcb2388029fa6c0bc8df09e5cc66e597cf83ac0e6d4f38d9b1270698d3eed938f9f03490c58f63576f
- SSDEEP
  
  192:KlApk98m4e0/IDJh/5ZQcvoyne4t/PQ3Pw1C0SluWbiWBNEckcVhJriE/mB1:MApc8m4e0GvQak4JI341C0abnk6hJPi
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2