4ae22b9c1c3b7ca9fbf10b765d8970eec7434716fc67aecbfbea60233aa4d9e5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7fb876bf482467cf233b3e098e59fe40_NeikiAnalytics.exe
Size

82KB
Sample

240531-zwvwjseb68
MD5

7fb876bf482467cf233b3e098e59fe40
SHA1

84644c7dda46cbfcb74fa80b2cbc5d7577dae66a
SHA256

4ae22b9c1c3b7ca9fbf10b765d8970eec7434716fc67aecbfbea60233aa4d9e5
SHA512

fd09d530b2b6edd4272ec432d18959633b5e0cabef95a648474da04433560cc96420f30f78a11d8728e74c410ac90b31755ccbaafc86dc28257029a95ef797d9
SSDEEP

1536:azUQz74LIvK/+Czax4IHVdmRvW1BDVwrVXwm:qUQz74TmFnmRvW1gXwm

Score

7^/10

Malware Config

Targets

- Target
  
  7fb876bf482467cf233b3e098e59fe40_NeikiAnalytics.exe
- Size
  
  82KB
- MD5
  
  7fb876bf482467cf233b3e098e59fe40
- SHA1
  
  84644c7dda46cbfcb74fa80b2cbc5d7577dae66a
- SHA256
  
  4ae22b9c1c3b7ca9fbf10b765d8970eec7434716fc67aecbfbea60233aa4d9e5
- SHA512
  
  fd09d530b2b6edd4272ec432d18959633b5e0cabef95a648474da04433560cc96420f30f78a11d8728e74c410ac90b31755ccbaafc86dc28257029a95ef797d9
- SSDEEP
  
  1536:azUQz74LIvK/+Czax4IHVdmRvW1BDVwrVXwm:qUQz74TmFnmRvW1gXwm
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2