770b0b9dc75dad954a5722f698dc3f16a82d06100f97d5fd02cfe4c9b02ffe12 | Triage

Sharing

General

Target

19362c9092cf3bf6d32fbd9973264f10_NeikiAnalytics.exe
Size

12KB
Sample

240604-a6ybzsfc8y
MD5

19362c9092cf3bf6d32fbd9973264f10
SHA1

e6185143bd2081220a80498289bb4864e614bfb8
SHA256

770b0b9dc75dad954a5722f698dc3f16a82d06100f97d5fd02cfe4c9b02ffe12
SHA512

fbb6c893971d54e79be857738e70a4d48e8cdf008d32582e262f7c095c5da304f5621168ad178c2fcdb7ec9719e585d99a1a74bcd677e91650b4ef47a277182f
SSDEEP

384:5L7li/2zzeq2DcEQvdQcJKLTp/NK9xaiQ:JaMCQ9ciQ

Score

7^/10

Malware Config

Targets

- Target
  
  19362c9092cf3bf6d32fbd9973264f10_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  19362c9092cf3bf6d32fbd9973264f10
- SHA1
  
  e6185143bd2081220a80498289bb4864e614bfb8
- SHA256
  
  770b0b9dc75dad954a5722f698dc3f16a82d06100f97d5fd02cfe4c9b02ffe12
- SHA512
  
  fbb6c893971d54e79be857738e70a4d48e8cdf008d32582e262f7c095c5da304f5621168ad178c2fcdb7ec9719e585d99a1a74bcd677e91650b4ef47a277182f
- SSDEEP
  
  384:5L7li/2zzeq2DcEQvdQcJKLTp/NK9xaiQ:JaMCQ9ciQ
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2