afe59a90801f9938ab8c456147d0767a7f4428f311675d4426d657b7d773220d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5395289d26fba4ea86c7c00b11946f70_NeikiAnalytics.exe
Size

12KB
Sample

240530-qcg1xahe8y
MD5

5395289d26fba4ea86c7c00b11946f70
SHA1

af5c9e7a3ba9f499c4f871d140e7e7dd46827884
SHA256

afe59a90801f9938ab8c456147d0767a7f4428f311675d4426d657b7d773220d
SHA512

2b5a02ec3001c5c703fe377ee59fbfff1574403e52553a03586fa574b1109b0615d0b7e0fd46062076642e9fec3629b72b50c48dea98e89b028595965a16126b
SSDEEP

384:3L7li/2z+q2DcEQvdQcJKLTp/NK9xal0:7+MCQ9cl0

Score

7^/10

Malware Config

Targets

- Target
  
  5395289d26fba4ea86c7c00b11946f70_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  5395289d26fba4ea86c7c00b11946f70
- SHA1
  
  af5c9e7a3ba9f499c4f871d140e7e7dd46827884
- SHA256
  
  afe59a90801f9938ab8c456147d0767a7f4428f311675d4426d657b7d773220d
- SHA512
  
  2b5a02ec3001c5c703fe377ee59fbfff1574403e52553a03586fa574b1109b0615d0b7e0fd46062076642e9fec3629b72b50c48dea98e89b028595965a16126b
- SSDEEP
  
  384:3L7li/2z+q2DcEQvdQcJKLTp/NK9xal0:7+MCQ9cl0
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2