25b7b7bfa0ff0c9de2a8b6f8fb220e6470058893e534859930cdbc40c56c1817 | Triage

Sharing

General

Target

80421c99bfa137383959a8d50807c010_NeikiAnalytics.exe
Size

224KB
Sample

240531-z8nyrsdg8y
MD5

80421c99bfa137383959a8d50807c010
SHA1

7b7c8edbaa8b8316f0c9de72344c2623b11b1d49
SHA256

25b7b7bfa0ff0c9de2a8b6f8fb220e6470058893e534859930cdbc40c56c1817
SHA512

5acbf1d95b7e21b6d7978d4dcaab7fdb5b6edd2899343560d0ae6a788633c667445e4852856b34612fba5df434e2c09911be1dff8943d79865e995307395b4ba
SSDEEP

3072:GcpKx5fBiyRIhCjG8G3GbGVGBGfGuGxGWYcrf6Kad0:Gcox5fBiyeAYcD6Kad

Score

7^/10

Malware Config

Targets

- Target
  
  80421c99bfa137383959a8d50807c010_NeikiAnalytics.exe
- Size
  
  224KB
- MD5
  
  80421c99bfa137383959a8d50807c010
- SHA1
  
  7b7c8edbaa8b8316f0c9de72344c2623b11b1d49
- SHA256
  
  25b7b7bfa0ff0c9de2a8b6f8fb220e6470058893e534859930cdbc40c56c1817
- SHA512
  
  5acbf1d95b7e21b6d7978d4dcaab7fdb5b6edd2899343560d0ae6a788633c667445e4852856b34612fba5df434e2c09911be1dff8943d79865e995307395b4ba
- SSDEEP
  
  3072:GcpKx5fBiyRIhCjG8G3GbGVGBGfGuGxGWYcrf6Kad0:Gcox5fBiyeAYcD6Kad
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2