f13207d0a7c9846b1a069e4a99f9ab12f3535d318180b51ec95589ab521cc56e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8648b93220e1cf33ea269d201e082960_NeikiAnalytics.exe
Size

12KB
Sample

240602-3xsz5ach72
MD5

8648b93220e1cf33ea269d201e082960
SHA1

ab903ec6349e50b30f4aba787d2b8d6f1808dd1d
SHA256

f13207d0a7c9846b1a069e4a99f9ab12f3535d318180b51ec95589ab521cc56e
SHA512

fff2d141f0ab91ab9712502d3c7f1b89a5283ce510b6fe64e3a1989869cab169d0bc890d51d7a6c1dddbf6823fa434ed6fdba4e94c553c3684e87f818d36941a
SSDEEP

384:gL7li/2zdq2DcEQvdhcJKLTp/NK9xaxX:+dM/Q9cxX

Score

7^/10

Malware Config

Targets

- Target
  
  8648b93220e1cf33ea269d201e082960_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  8648b93220e1cf33ea269d201e082960
- SHA1
  
  ab903ec6349e50b30f4aba787d2b8d6f1808dd1d
- SHA256
  
  f13207d0a7c9846b1a069e4a99f9ab12f3535d318180b51ec95589ab521cc56e
- SHA512
  
  fff2d141f0ab91ab9712502d3c7f1b89a5283ce510b6fe64e3a1989869cab169d0bc890d51d7a6c1dddbf6823fa434ed6fdba4e94c553c3684e87f818d36941a
- SSDEEP
  
  384:gL7li/2zdq2DcEQvdhcJKLTp/NK9xaxX:+dM/Q9cxX
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2