fd404cb3beaf1825a9ccf7933a852cb05591c5aa7af43b8b49574ba268d49e02 | Triage

Sharing

General

Target

47a95681b87d3de030a603a414d59900_NeikiAnalytics.exe
Size

42KB
Sample

240603-tl8rrsbh5z
MD5

47a95681b87d3de030a603a414d59900
SHA1

ad33cb7da599eb7896ffb4f412213a7376c647e6
SHA256

fd404cb3beaf1825a9ccf7933a852cb05591c5aa7af43b8b49574ba268d49e02
SHA512

7097bf2f7e5b153c73f2d875170528be84bcfb947a4a3b918b9915b75d7c92fb9a70e9da4b4cbf5cbe0537bad525d1298cb69e6328ab8cbb76a17c44a639af3b
SSDEEP

768:CnnOWEvtPvkFk58sCu84euZR5FbrGePcndvz:CnOtvtPf58k8GtB8z

Score

7^/10

Malware Config

Targets

- Target
  
  47a95681b87d3de030a603a414d59900_NeikiAnalytics.exe
- Size
  
  42KB
- MD5
  
  47a95681b87d3de030a603a414d59900
- SHA1
  
  ad33cb7da599eb7896ffb4f412213a7376c647e6
- SHA256
  
  fd404cb3beaf1825a9ccf7933a852cb05591c5aa7af43b8b49574ba268d49e02
- SHA512
  
  7097bf2f7e5b153c73f2d875170528be84bcfb947a4a3b918b9915b75d7c92fb9a70e9da4b4cbf5cbe0537bad525d1298cb69e6328ab8cbb76a17c44a639af3b
- SSDEEP
  
  768:CnnOWEvtPvkFk58sCu84euZR5FbrGePcndvz:CnOtvtPf58k8GtB8z
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2