338812b4ec0f3575d3b1def54b73bbc1af26d102540c55118480492c153e7a9b | Triage

Sharing

General

Target

1c5f66c1f689050ced62097bb6dff6a0_NeikiAnalytics.exe
Size

12KB
Sample

240604-bqvrlagb9x
MD5

1c5f66c1f689050ced62097bb6dff6a0
SHA1

e008b8d13ce590ce9981ddeda5009a1687a8bdc3
SHA256

338812b4ec0f3575d3b1def54b73bbc1af26d102540c55118480492c153e7a9b
SHA512

b611f89c9e9fea8e63533577c9bae58bca319a3a6a09898d708b3411401bc266b36566158d6e5340ee8f8eb0fb737fc6a76e20bd3b0fabbde7e28fff03696ed5
SSDEEP

384:pL7li/2zQq2DcEQvdQcJKLTp/NK9xa8i:Z8MCQ9c8i

Score

7^/10

Malware Config

Targets

- Target
  
  1c5f66c1f689050ced62097bb6dff6a0_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  1c5f66c1f689050ced62097bb6dff6a0
- SHA1
  
  e008b8d13ce590ce9981ddeda5009a1687a8bdc3
- SHA256
  
  338812b4ec0f3575d3b1def54b73bbc1af26d102540c55118480492c153e7a9b
- SHA512
  
  b611f89c9e9fea8e63533577c9bae58bca319a3a6a09898d708b3411401bc266b36566158d6e5340ee8f8eb0fb737fc6a76e20bd3b0fabbde7e28fff03696ed5
- SSDEEP
  
  384:pL7li/2zQq2DcEQvdQcJKLTp/NK9xa8i:Z8MCQ9c8i
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2