e9229d328373c8c01ad68ebf81f72fe64c7e93a1728f11d13e2e3ce90a68c2c0 | Triage

Sharing

General

Target

2e7adf1d541f263e48978764067027b0_NeikiAnalytics.exe
Size

12KB
Sample

240602-d1ejgahc7w
MD5

2e7adf1d541f263e48978764067027b0
SHA1

626b0d6930094dc168c9f2da08d44080f2171dcc
SHA256

e9229d328373c8c01ad68ebf81f72fe64c7e93a1728f11d13e2e3ce90a68c2c0
SHA512

dd26b90a471a151bacaa99f5b6fb2316e23de7441f3c589ed62cfef35c331a1e0ea18f4f20ec7a72a5125168bc031b2b2d1713b178810245cfa08c1820a1942b
SSDEEP

384:RL7li/2zkq2DcEQvdQcJKLTp/NK9xaQb:RQMCQ9cQb

Score

7^/10

Malware Config

Targets

- Target
  
  2e7adf1d541f263e48978764067027b0_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  2e7adf1d541f263e48978764067027b0
- SHA1
  
  626b0d6930094dc168c9f2da08d44080f2171dcc
- SHA256
  
  e9229d328373c8c01ad68ebf81f72fe64c7e93a1728f11d13e2e3ce90a68c2c0
- SHA512
  
  dd26b90a471a151bacaa99f5b6fb2316e23de7441f3c589ed62cfef35c331a1e0ea18f4f20ec7a72a5125168bc031b2b2d1713b178810245cfa08c1820a1942b
- SSDEEP
  
  384:RL7li/2zkq2DcEQvdQcJKLTp/NK9xaQb:RQMCQ9cQb
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2