a5bd7f0cff464447aa29f3f4f3447db2268f7c76da17d88d33539841b8cf01f3 | Triage

Sharing

General

Target

5c8d3638fc0e093018f422de7e703520_NeikiAnalytics.exe
Size

12KB
Sample

240530-avd4zaff8x
MD5

5c8d3638fc0e093018f422de7e703520
SHA1

611d88790efba6f623d6520bce8949fccb069151
SHA256

a5bd7f0cff464447aa29f3f4f3447db2268f7c76da17d88d33539841b8cf01f3
SHA512

3d43673fbce20097dc22c4a51622175b4097753636cb121921c948fbf6b3d34572cddf984693692a5510ae2de5dca83c5a9f20daa71ed9eb3b94f3491f83f219
SSDEEP

384:iL7li/2z0q2DcEQvdhcJKLTp/NK9xa4+:8YM/Q9c4+

Score

7^/10

Malware Config

Targets

- Target
  
  5c8d3638fc0e093018f422de7e703520_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  5c8d3638fc0e093018f422de7e703520
- SHA1
  
  611d88790efba6f623d6520bce8949fccb069151
- SHA256
  
  a5bd7f0cff464447aa29f3f4f3447db2268f7c76da17d88d33539841b8cf01f3
- SHA512
  
  3d43673fbce20097dc22c4a51622175b4097753636cb121921c948fbf6b3d34572cddf984693692a5510ae2de5dca83c5a9f20daa71ed9eb3b94f3491f83f219
- SSDEEP
  
  384:iL7li/2z0q2DcEQvdhcJKLTp/NK9xa4+:8YM/Q9c4+
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2