5e976b7698d003c398862f7604ffcda9642067abb03ff08023282032904fee0f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

85174164e4a38ca269c8e339c77e4610_NeikiAnalytics.exe
Size

71KB
Sample

240531-3ww1dsab7y
MD5

85174164e4a38ca269c8e339c77e4610
SHA1

38460e3d23bd624a4e6845903c7fa2ec48d91dfb
SHA256

5e976b7698d003c398862f7604ffcda9642067abb03ff08023282032904fee0f
SHA512

ad1820b2479aaa773ed729e18c4a4886cfeb103a958f88ddc63ba3497f5ea7fad2eef89e6ac0da4837a8e157c2b315ed17bbcc218e8198f3bba2c2eb956c800d
SSDEEP

768:TrItKyw5WHXfQmjIiIk9ecAa0Mb96SyX1DLdRXXXNhhhhOyyyY:Tr3Z5IfQmv81ar1yXtZLhhhhOyyyY

Score

8^/10

evasion

Malware Config

Targets

- Target
  
  85174164e4a38ca269c8e339c77e4610_NeikiAnalytics.exe
- Size
  
  71KB
- MD5
  
  85174164e4a38ca269c8e339c77e4610
- SHA1
  
  38460e3d23bd624a4e6845903c7fa2ec48d91dfb
- SHA256
  
  5e976b7698d003c398862f7604ffcda9642067abb03ff08023282032904fee0f
- SHA512
  
  ad1820b2479aaa773ed729e18c4a4886cfeb103a958f88ddc63ba3497f5ea7fad2eef89e6ac0da4837a8e157c2b315ed17bbcc218e8198f3bba2c2eb956c800d
- SSDEEP
  
  768:TrItKyw5WHXfQmjIiIk9ecAa0Mb96SyX1DLdRXXXNhhhhOyyyY:Tr3Z5IfQmv81ar1yXtZLhhhhOyyyY
Score

8^/10

evasion
- Sets file to hidden
  Modifies file attributes to stop it showing in Explorer etc.
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2