fd92672e942da7f35a3c6167e4fd2f38ba1faaf0972087a17b5cfb1a6a43644c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2f31a59d85c12c4b20a6eaa3b6ac4040_NeikiAnalytics.exe
Size

12KB
Sample

240604-fhnersec66
MD5

2f31a59d85c12c4b20a6eaa3b6ac4040
SHA1

abe8a2d57682173c44d75dc97ee731f9a764a290
SHA256

fd92672e942da7f35a3c6167e4fd2f38ba1faaf0972087a17b5cfb1a6a43644c
SHA512

e7bb26bdcfa151ab507f6994930cde0b384cce8812d406628535c72ff57856c4e7aee8a1fac31c60c73dbf4c7961a486e5693a116a7ad406008c17219b98f873
SSDEEP

384:YL7li/2zaq2DcEQvdQcJKLTp/NK9xaXp:mCMCQ9cXp

Score

7^/10

Malware Config

Targets

- Target
  
  2f31a59d85c12c4b20a6eaa3b6ac4040_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  2f31a59d85c12c4b20a6eaa3b6ac4040
- SHA1
  
  abe8a2d57682173c44d75dc97ee731f9a764a290
- SHA256
  
  fd92672e942da7f35a3c6167e4fd2f38ba1faaf0972087a17b5cfb1a6a43644c
- SHA512
  
  e7bb26bdcfa151ab507f6994930cde0b384cce8812d406628535c72ff57856c4e7aee8a1fac31c60c73dbf4c7961a486e5693a116a7ad406008c17219b98f873
- SSDEEP
  
  384:YL7li/2zaq2DcEQvdQcJKLTp/NK9xaXp:mCMCQ9cXp
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2