9e17b33c6818148a9d5e47f00b13c757c957d1fe808e6486f73bebcadf9a6cf1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a4da2be393d3d21a7b899a14a1697ae0_NeikiAnalytics.exe
Size

687KB
Sample

240603-qncwbsfg9y
MD5

a4da2be393d3d21a7b899a14a1697ae0
SHA1

a309d01f44c91c9c2da92a44f5d2b5fc0e6ef782
SHA256

9e17b33c6818148a9d5e47f00b13c757c957d1fe808e6486f73bebcadf9a6cf1
SHA512

4b8ce3960ed96e33904078692ff8b93e6fea152970d46f30d18ae8418482b0cc06cc29d054a332c6fa7b7a3a439e9ce986866bc710710489de4c5cd4e1543159
SSDEEP

3072:tZTz1WIXC6GESSgWNRXumi7+IF6foPCaTRMXbaev0FQcmWk6kwsNIf6cHzbQ2v0V:tZHcIX9SSgMi+IFZMbQrkodzb4VF2Yd

Score

7^/10

Malware Config

Targets

- Target
  
  a4da2be393d3d21a7b899a14a1697ae0_NeikiAnalytics.exe
- Size
  
  687KB
- MD5
  
  a4da2be393d3d21a7b899a14a1697ae0
- SHA1
  
  a309d01f44c91c9c2da92a44f5d2b5fc0e6ef782
- SHA256
  
  9e17b33c6818148a9d5e47f00b13c757c957d1fe808e6486f73bebcadf9a6cf1
- SHA512
  
  4b8ce3960ed96e33904078692ff8b93e6fea152970d46f30d18ae8418482b0cc06cc29d054a332c6fa7b7a3a439e9ce986866bc710710489de4c5cd4e1543159
- SSDEEP
  
  3072:tZTz1WIXC6GESSgWNRXumi7+IF6foPCaTRMXbaev0FQcmWk6kwsNIf6cHzbQ2v0V:tZHcIX9SSgMi+IFZMbQrkodzb4VF2Yd
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2