373f8a260db1a117211578001f8126ef147e6ae3444effecc540b51a18135e56 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aa34f7d0ea668effd2c36d2860cba9b0_NeikiAnalytics.exe
Size

12KB
Sample

240527-mly41ahe33
MD5

aa34f7d0ea668effd2c36d2860cba9b0
SHA1

3959dc6a320468535006dd9df73b31b45595ea3e
SHA256

373f8a260db1a117211578001f8126ef147e6ae3444effecc540b51a18135e56
SHA512

c499ae5e56f335ca15c664e746bbd4e54e1ccb1cf888d268b594b209656a7bdc38857858361b1a3e1d7dff383e066fc17e162e708dacce8de0c54ed79a3354d8
SSDEEP

384:DL7li/2zbq2DcEQvdhcJKLTp/NK9xaLE:H/M/Q9cLE

Score

7^/10

Malware Config

Targets

- Target
  
  aa34f7d0ea668effd2c36d2860cba9b0_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  aa34f7d0ea668effd2c36d2860cba9b0
- SHA1
  
  3959dc6a320468535006dd9df73b31b45595ea3e
- SHA256
  
  373f8a260db1a117211578001f8126ef147e6ae3444effecc540b51a18135e56
- SHA512
  
  c499ae5e56f335ca15c664e746bbd4e54e1ccb1cf888d268b594b209656a7bdc38857858361b1a3e1d7dff383e066fc17e162e708dacce8de0c54ed79a3354d8
- SSDEEP
  
  384:DL7li/2zbq2DcEQvdhcJKLTp/NK9xaLE:H/M/Q9cLE
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2