4323134fb722c9287945645c7919942f91d0e7f5c29f4255a27eed09da07ab6f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5668c5e81e531f6cefe9afbc60bc7780_NeikiAnalytics.exe
Size

12KB
Sample

240529-1d7ytsbd28
MD5

5668c5e81e531f6cefe9afbc60bc7780
SHA1

7b65d2c2a2348fed7d663a99809b43f8d469a179
SHA256

4323134fb722c9287945645c7919942f91d0e7f5c29f4255a27eed09da07ab6f
SHA512

c6ce9d76a41fbef134c61518b6b2b18c1468a20e1cc07b58a0e39ee7cf69dc45df5d75895c56e755f969e6484d84fde87b1df19445245104a1a5d80c740dc6be
SSDEEP

384:1L7li/2zWq2DcEQvdhcJKLTp/NK9xa3s:VeM/Q9c3s

Score

7^/10

Malware Config

Targets

- Target
  
  5668c5e81e531f6cefe9afbc60bc7780_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  5668c5e81e531f6cefe9afbc60bc7780
- SHA1
  
  7b65d2c2a2348fed7d663a99809b43f8d469a179
- SHA256
  
  4323134fb722c9287945645c7919942f91d0e7f5c29f4255a27eed09da07ab6f
- SHA512
  
  c6ce9d76a41fbef134c61518b6b2b18c1468a20e1cc07b58a0e39ee7cf69dc45df5d75895c56e755f969e6484d84fde87b1df19445245104a1a5d80c740dc6be
- SSDEEP
  
  384:1L7li/2zWq2DcEQvdhcJKLTp/NK9xa3s:VeM/Q9c3s
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2