37b110671a440935412d46a90d5bcfa1e2585b338d63574c95e50602e93c6d6d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

470d4f1006f2e99e88da42fa4b16b7e0_NeikiAnalytics.exe
Size

5KB
Sample

240529-geqamadb35
MD5

470d4f1006f2e99e88da42fa4b16b7e0
SHA1

e46ab0a15061ecaba6f8740f2e488128b1e123fb
SHA256

37b110671a440935412d46a90d5bcfa1e2585b338d63574c95e50602e93c6d6d
SHA512

74c035c788ba6e78eb1e9ff9ff7bd4df5dbd073481652b821078964aba7d90e21ff9444a5d37c50e405a3b53c55759821e5fbb56956d8d20fbe8f5f4e81334a8
SSDEEP

48:qaT72x9RAmcRB/G9NTI4BzzpS1rsHB/VnC/RAxUbs2CS70ALNx:cXqhLp4BzzpSuHnnwR2Ubs2ClAhx

Score

7^/10

Malware Config

Targets

- Target
  
  470d4f1006f2e99e88da42fa4b16b7e0_NeikiAnalytics.exe
- Size
  
  5KB
- MD5
  
  470d4f1006f2e99e88da42fa4b16b7e0
- SHA1
  
  e46ab0a15061ecaba6f8740f2e488128b1e123fb
- SHA256
  
  37b110671a440935412d46a90d5bcfa1e2585b338d63574c95e50602e93c6d6d
- SHA512
  
  74c035c788ba6e78eb1e9ff9ff7bd4df5dbd073481652b821078964aba7d90e21ff9444a5d37c50e405a3b53c55759821e5fbb56956d8d20fbe8f5f4e81334a8
- SSDEEP
  
  48:qaT72x9RAmcRB/G9NTI4BzzpS1rsHB/VnC/RAxUbs2CS70ALNx:cXqhLp4BzzpSuHnnwR2Ubs2ClAhx
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2