ea23c8330d44284148959b8e29474f3bb313a9c97f95db31b5b2a0308e0731c6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0a073d7189399abd1189662499ada240_NeikiAnalytics.exe
Size

53KB
Sample

240601-3cft3abb29
MD5

0a073d7189399abd1189662499ada240
SHA1

aecf2fb9088831b75d6404f8c2193a5e77ef8353
SHA256

ea23c8330d44284148959b8e29474f3bb313a9c97f95db31b5b2a0308e0731c6
SHA512

f06152fe10d84ca70ff811af1ac76fc7495428d77d7f4dee41009f79057560fd5c559024aaf78671877c99111425dcb072aa1566da0b2a080518fa12c21c2433
SSDEEP

1536:vNSg8r8Q4QLBNz7Kp3StjEMjmLM3ztDJWZsXy4JzxPMk:5kBNzJJjmLM3zRJWZsXy4JN

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  0a073d7189399abd1189662499ada240_NeikiAnalytics.exe
- Size
  
  53KB
- MD5
  
  0a073d7189399abd1189662499ada240
- SHA1
  
  aecf2fb9088831b75d6404f8c2193a5e77ef8353
- SHA256
  
  ea23c8330d44284148959b8e29474f3bb313a9c97f95db31b5b2a0308e0731c6
- SHA512
  
  f06152fe10d84ca70ff811af1ac76fc7495428d77d7f4dee41009f79057560fd5c559024aaf78671877c99111425dcb072aa1566da0b2a080518fa12c21c2433
- SSDEEP
  
  1536:vNSg8r8Q4QLBNz7Kp3StjEMjmLM3ztDJWZsXy4JzxPMk:5kBNzJJjmLM3zRJWZsXy4JN
Score

10^/10

evasion persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence