161f9df3b4d00c5891f5797d0c208fcd01bff6518581f6540f8a8748f097dac0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

766cee9061cbc8d629d749c22bb528f0_NeikiAnalytics.exe
Size

12KB
Sample

240602-2b7eysac85
MD5

766cee9061cbc8d629d749c22bb528f0
SHA1

89e932eb1767148ab8f8c1abab3a208f1408aef0
SHA256

161f9df3b4d00c5891f5797d0c208fcd01bff6518581f6540f8a8748f097dac0
SHA512

860da66a926f0cf6fe733dd4ff57c47820154139186c7d06c2ae859428a1ad6658de140e9ee74eb1ecbcc72ae1aaa34167b00b9d0310bca2445f15098336c6df
SSDEEP

384:TL7li/2zVq2DcEQvdhcJKLTp/NK9xa2q:3FM/Q9c2q

Score

7^/10

Malware Config

Targets

- Target
  
  766cee9061cbc8d629d749c22bb528f0_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  766cee9061cbc8d629d749c22bb528f0
- SHA1
  
  89e932eb1767148ab8f8c1abab3a208f1408aef0
- SHA256
  
  161f9df3b4d00c5891f5797d0c208fcd01bff6518581f6540f8a8748f097dac0
- SHA512
  
  860da66a926f0cf6fe733dd4ff57c47820154139186c7d06c2ae859428a1ad6658de140e9ee74eb1ecbcc72ae1aaa34167b00b9d0310bca2445f15098336c6df
- SSDEEP
  
  384:TL7li/2zVq2DcEQvdhcJKLTp/NK9xa2q:3FM/Q9c2q
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2