5863ab1c9f2e011e13b02536e160a75582f946e52af1f89311d8db68363b77fb | Triage

Sharing

General

Target

60975a24d0d5bca2ac9dbbb8670673a0_NeikiAnalytics.exe
Size

12KB
Sample

240602-zakhpafb23
MD5

60975a24d0d5bca2ac9dbbb8670673a0
SHA1

0dcde229be7c44eaf6d1bbb928d348069da35cc1
SHA256

5863ab1c9f2e011e13b02536e160a75582f946e52af1f89311d8db68363b77fb
SHA512

9488d131d4a0d2fc9ca647da392fff57efde85b578b7afe20a11fc36f1303c80f15978e9d9542604b5293fceaa42389792f674a63aa3248948bd2a93378b4398
SSDEEP

384:fL7li/2zuq2DcEQvdQcJKLTp/NK9xaI1:T2MCQ9cI1

Score

7^/10

Malware Config

Targets

- Target
  
  60975a24d0d5bca2ac9dbbb8670673a0_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  60975a24d0d5bca2ac9dbbb8670673a0
- SHA1
  
  0dcde229be7c44eaf6d1bbb928d348069da35cc1
- SHA256
  
  5863ab1c9f2e011e13b02536e160a75582f946e52af1f89311d8db68363b77fb
- SHA512
  
  9488d131d4a0d2fc9ca647da392fff57efde85b578b7afe20a11fc36f1303c80f15978e9d9542604b5293fceaa42389792f674a63aa3248948bd2a93378b4398
- SSDEEP
  
  384:fL7li/2zuq2DcEQvdQcJKLTp/NK9xaI1:T2MCQ9cI1
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2