6c3368589dbcdc28790ff426420833275928f76a3a972fd72be795fc41b60f5f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

47c92fc274ee2003c6705fe92701f550_NeikiAnalytics.exe
Size

12KB
Sample

240529-gtsz3adf56
MD5

47c92fc274ee2003c6705fe92701f550
SHA1

190baaea9b95f4654c174919f8070917bb6936b1
SHA256

6c3368589dbcdc28790ff426420833275928f76a3a972fd72be795fc41b60f5f
SHA512

690f884273357d4ec2cb0a787c420595134863cc2dda8754cb804e99bae0e1ef43fcffa3b3eed8f52429ee2ec8407ddaaa5edc53bcc708c341df6f0488ec01ca
SSDEEP

384:RL7li/2zPq2DcEQvdhcJKLTp/NK9xaZY:RjM/Q9cZY

Score

7^/10

Malware Config

Targets

- Target
  
  47c92fc274ee2003c6705fe92701f550_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  47c92fc274ee2003c6705fe92701f550
- SHA1
  
  190baaea9b95f4654c174919f8070917bb6936b1
- SHA256
  
  6c3368589dbcdc28790ff426420833275928f76a3a972fd72be795fc41b60f5f
- SHA512
  
  690f884273357d4ec2cb0a787c420595134863cc2dda8754cb804e99bae0e1ef43fcffa3b3eed8f52429ee2ec8407ddaaa5edc53bcc708c341df6f0488ec01ca
- SSDEEP
  
  384:RL7li/2zPq2DcEQvdhcJKLTp/NK9xaZY:RjM/Q9cZY
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2