749334d19368383b01566b07d4589964ede7f3c6112cd05f65910befa78c30e5 | Triage

Sharing

General

Target

f8f52b2695850904f8265611fb51bdf0_NeikiAnalytics.exe
Size

556KB
Sample

240530-njn2page25
MD5

f8f52b2695850904f8265611fb51bdf0
SHA1

7286261dfe100dd2586e788ef93d01c28e23a6a5
SHA256

749334d19368383b01566b07d4589964ede7f3c6112cd05f65910befa78c30e5
SHA512

ee2b335048953c0f5ec0c4d1f7b5747b56682624fbd422971dc365add135fa2536b108a44affedda11a8ec116a7c49f0873e84cfa857070e40e9ac12b997b3a7
SSDEEP

3072:dCaoAs101Pol0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAx/:dqDAwl0xPTMiR9JSSxPUKYGdodHTu

Score

7^/10

Malware Config

Targets

- Target
  
  f8f52b2695850904f8265611fb51bdf0_NeikiAnalytics.exe
- Size
  
  556KB
- MD5
  
  f8f52b2695850904f8265611fb51bdf0
- SHA1
  
  7286261dfe100dd2586e788ef93d01c28e23a6a5
- SHA256
  
  749334d19368383b01566b07d4589964ede7f3c6112cd05f65910befa78c30e5
- SHA512
  
  ee2b335048953c0f5ec0c4d1f7b5747b56682624fbd422971dc365add135fa2536b108a44affedda11a8ec116a7c49f0873e84cfa857070e40e9ac12b997b3a7
- SSDEEP
  
  3072:dCaoAs101Pol0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAx/:dqDAwl0xPTMiR9JSSxPUKYGdodHTu
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2