772ecfc97593fff77dea0d354a2c865d15264d439ef1053a562c42035906b793 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9cdf37996fa416236f1fe31484d5a5f0_NeikiAnalytics.exe
Size

12KB
Sample

240603-fzwsgach4x
MD5

9cdf37996fa416236f1fe31484d5a5f0
SHA1

a3423bbdbe31d62ab4347daebd16979485432fad
SHA256

772ecfc97593fff77dea0d354a2c865d15264d439ef1053a562c42035906b793
SHA512

055254ad2ced8591544f54cccd0a7f8b5351f0d324c9586d6aed28f66d8b57f259812786d0c760e817253c3a4c2bdf61f458eb6c196ba9fbe55ea5202b329f0b
SSDEEP

384:5L7li/2z/q2DcEQvdQcJKLTp/NK9xalr:JrMCQ9clr

Score

7^/10

Malware Config

Targets

- Target
  
  9cdf37996fa416236f1fe31484d5a5f0_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  9cdf37996fa416236f1fe31484d5a5f0
- SHA1
  
  a3423bbdbe31d62ab4347daebd16979485432fad
- SHA256
  
  772ecfc97593fff77dea0d354a2c865d15264d439ef1053a562c42035906b793
- SHA512
  
  055254ad2ced8591544f54cccd0a7f8b5351f0d324c9586d6aed28f66d8b57f259812786d0c760e817253c3a4c2bdf61f458eb6c196ba9fbe55ea5202b329f0b
- SSDEEP
  
  384:5L7li/2z/q2DcEQvdQcJKLTp/NK9xalr:JrMCQ9clr
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2