0c19d17c0f0a28ce9f79fa2db9f4fb8a098d5880d438ed60dddda272750aea7d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

05e33674a86f0a15acaa4a7819aaa8d0_NeikiAnalytics.exe
Size

12KB
Sample

240530-qtpr3sac5w
MD5

05e33674a86f0a15acaa4a7819aaa8d0
SHA1

c1746390baf337fde6122a332b10d908fb4ea555
SHA256

0c19d17c0f0a28ce9f79fa2db9f4fb8a098d5880d438ed60dddda272750aea7d
SHA512

2a23a9a0f971b81a1fc69c9008152800adb81fc6ee01bb780bb353945a22a81967d9730cbde3296d82761f99afde376381584a527950d558c814850f10a83dd0
SSDEEP

384:jL7li/2zRq2DcEQvdQcJKLTp/NK9xaNY:nxMCQ9cNY

Score

7^/10

Malware Config

Targets

- Target
  
  05e33674a86f0a15acaa4a7819aaa8d0_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  05e33674a86f0a15acaa4a7819aaa8d0
- SHA1
  
  c1746390baf337fde6122a332b10d908fb4ea555
- SHA256
  
  0c19d17c0f0a28ce9f79fa2db9f4fb8a098d5880d438ed60dddda272750aea7d
- SHA512
  
  2a23a9a0f971b81a1fc69c9008152800adb81fc6ee01bb780bb353945a22a81967d9730cbde3296d82761f99afde376381584a527950d558c814850f10a83dd0
- SSDEEP
  
  384:jL7li/2zRq2DcEQvdQcJKLTp/NK9xaNY:nxMCQ9cNY
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2