General

  • Target

    a49a743abdd897aa3e4e004503433b50_NeikiAnalytics.exe

  • Size

    12KB

  • Sample

    240603-qgtkhaha54

  • MD5

    a49a743abdd897aa3e4e004503433b50

  • SHA1

    fda312ece9663d0fdc62bbd9f85b7f6f11211a84

  • SHA256

    ffec71ef3f0464bd4ceb1fbaff21ebcf8c684622e09ad4e4c05cf23a9cc731fb

  • SHA512

    85d57ed8c2bf3be96d75b436d77370e1a4d602c75c7e530c3ed23e7201cbb6a9354d77a2c38503ed8b1e27c34a167cfa6e28ef95af56fafbc03ddca6cd743211

  • SSDEEP

    384:iL7li/2zMq2DcEQvdQcJKLTp/NK9xaFk:8gMCQ9cFk

Score
7/10

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution
