0bed55264b0c6b7da481dc6ae4b8a4d5e086afefe6c5d0f481f93781ff9359d2 | Triage

Sharing

General

Target

496ed84da57c64ef8697224a98785110_NeikiAnalytics.exe
Size

12KB
Sample

240529-hpnefseb2w
MD5

496ed84da57c64ef8697224a98785110
SHA1

e138464fa207f6d5d163cd4bc98a6f1f01fb0f3f
SHA256

0bed55264b0c6b7da481dc6ae4b8a4d5e086afefe6c5d0f481f93781ff9359d2
SHA512

c3e66a99789f30d3c801f553eeb7ecefb1c71294ae0eb2a1de02ad2cc04be69b261ece8a5bb8c2dc4b9f1f813157e812b0456a61b97ccb0cf03b6be4ecf46058
SSDEEP

384:hL7li/2zuq2DcEQvdhcJKLTp/NK9xaKa:BmM/Q9cKa

Score

7^/10

Malware Config

Targets

- Target
  
  496ed84da57c64ef8697224a98785110_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  496ed84da57c64ef8697224a98785110
- SHA1
  
  e138464fa207f6d5d163cd4bc98a6f1f01fb0f3f
- SHA256
  
  0bed55264b0c6b7da481dc6ae4b8a4d5e086afefe6c5d0f481f93781ff9359d2
- SHA512
  
  c3e66a99789f30d3c801f553eeb7ecefb1c71294ae0eb2a1de02ad2cc04be69b261ece8a5bb8c2dc4b9f1f813157e812b0456a61b97ccb0cf03b6be4ecf46058
- SSDEEP
  
  384:hL7li/2zuq2DcEQvdhcJKLTp/NK9xaKa:BmM/Q9cKa
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2