694a7e504e19fb661c77560ca28d2735f1207d60d33e4d657e3ee3fce21fd742 | Triage

Sharing

General

Target

74e406cc8c6505f2e89b6a79edc20120_NeikiAnalytics.exe
Size

12KB
Sample

240531-dvy1xsdc9w
MD5

74e406cc8c6505f2e89b6a79edc20120
SHA1

a9258120dfe7c2fb9907d8885e76a44b18053a9f
SHA256

694a7e504e19fb661c77560ca28d2735f1207d60d33e4d657e3ee3fce21fd742
SHA512

741534eb679d74ee130fce36eb4d37d73f556803da20033052f2b38dac8638b9280c5fcb8ab0e4259c4d1f6dfbb21eac7344dd59da9410dc32c226ca89248cae
SSDEEP

384:SL7li/2zKq2DcEQvdhcJKLTp/NK9xafb:M6M/Q9cfb

Score

7^/10

Malware Config

Targets

- Target
  
  74e406cc8c6505f2e89b6a79edc20120_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  74e406cc8c6505f2e89b6a79edc20120
- SHA1
  
  a9258120dfe7c2fb9907d8885e76a44b18053a9f
- SHA256
  
  694a7e504e19fb661c77560ca28d2735f1207d60d33e4d657e3ee3fce21fd742
- SHA512
  
  741534eb679d74ee130fce36eb4d37d73f556803da20033052f2b38dac8638b9280c5fcb8ab0e4259c4d1f6dfbb21eac7344dd59da9410dc32c226ca89248cae
- SSDEEP
  
  384:SL7li/2zKq2DcEQvdhcJKLTp/NK9xafb:M6M/Q9cfb
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2