be85695b3b872d21ed9f3964b33263e9c53638fab301614aac13cde64b7510ab | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5e7d3090a4a4d29a3489992fdeba41b0_NeikiAnalytics.exe
Size

12KB
Sample

240530-brgalaac58
MD5

5e7d3090a4a4d29a3489992fdeba41b0
SHA1

f3771fa931e91fd34772d17dfd3245153b14eca9
SHA256

be85695b3b872d21ed9f3964b33263e9c53638fab301614aac13cde64b7510ab
SHA512

cc7f63b2fc748ceefde3dc0819cddef7388f9c475348e9df71ece489edef6a067838fc1065f9a7a38d48a10a430518bc74af78bb2d72262811985a379d44906c
SSDEEP

384:iL7li/2zWq2DcEQvdhcJKLTp/NK9xar5:8WM/Q9cr5

Score

7^/10

Malware Config

Targets

- Target
  
  5e7d3090a4a4d29a3489992fdeba41b0_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  5e7d3090a4a4d29a3489992fdeba41b0
- SHA1
  
  f3771fa931e91fd34772d17dfd3245153b14eca9
- SHA256
  
  be85695b3b872d21ed9f3964b33263e9c53638fab301614aac13cde64b7510ab
- SHA512
  
  cc7f63b2fc748ceefde3dc0819cddef7388f9c475348e9df71ece489edef6a067838fc1065f9a7a38d48a10a430518bc74af78bb2d72262811985a379d44906c
- SSDEEP
  
  384:iL7li/2zWq2DcEQvdhcJKLTp/NK9xar5:8WM/Q9cr5
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2