e969f7c440c899779cad74372ea1fcb0fbea59bac1d78f918dfd122912c360bd | Triage

Sharing

General

Target

72cf3876e923725b30ae947e6a5f6830_NeikiAnalytics.exe
Size

321KB
Sample

240531-cjanhsbd2x
MD5

72cf3876e923725b30ae947e6a5f6830
SHA1

0ad4b18c14519b231f19f257f5d8333b72bb85f9
SHA256

e969f7c440c899779cad74372ea1fcb0fbea59bac1d78f918dfd122912c360bd
SHA512

44dfd18860d02fd5f767d215663c395dce448558054e88a7ccb6a4519eab408ca3fed10984c9e28657b36f8a126eca42df5677d9905effa7520584cc460eb2e1
SSDEEP

1536:ur3Z5IfQmv81a1xyXHZ+NGQSLNmCm6oyz7jBd7qDmbNPMJAy:yJOfQm01mxyXHZKG7pm6j77s

Score

8^/10

evasion

Malware Config

Targets

- Target
  
  72cf3876e923725b30ae947e6a5f6830_NeikiAnalytics.exe
- Size
  
  321KB
- MD5
  
  72cf3876e923725b30ae947e6a5f6830
- SHA1
  
  0ad4b18c14519b231f19f257f5d8333b72bb85f9
- SHA256
  
  e969f7c440c899779cad74372ea1fcb0fbea59bac1d78f918dfd122912c360bd
- SHA512
  
  44dfd18860d02fd5f767d215663c395dce448558054e88a7ccb6a4519eab408ca3fed10984c9e28657b36f8a126eca42df5677d9905effa7520584cc460eb2e1
- SSDEEP
  
  1536:ur3Z5IfQmv81a1xyXHZ+NGQSLNmCm6oyz7jBd7qDmbNPMJAy:yJOfQm01mxyXHZKG7pm6j77s
Score

8^/10

evasion
- Sets file to hidden
  Modifies file attributes to stop it showing in Explorer etc.
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2