7db56a5fa35f5fd3580fbccdb3fe4c26971292836ec519195fa320e7f1a5a0bc | Triage

Sharing

General

Target

3b1b2b67d57db3bd524d256eddba4af0_NeikiAnalytics.exe
Size

80KB
Sample

240604-htbapahd39
MD5

3b1b2b67d57db3bd524d256eddba4af0
SHA1

d48447a49f73638befdab7720b84feb865877bf1
SHA256

7db56a5fa35f5fd3580fbccdb3fe4c26971292836ec519195fa320e7f1a5a0bc
SHA512

e5afa2fd2ac70d948531c4e1115bfee3485384209d5563fe8148504e5317d383f99d11ed31fdc2b0a71244a31a8f313aecd5703f2fa13187e86d2b965a9cabb8
SSDEEP

1536:6zfMMkqZPUMRsNFljx5sGOgMsqPhd976zdNE6ecbe1wA2sAVz8:AfMibQPj7Msq5j5cUwAZ4Q

Score

7^/10

Malware Config

Targets

- Target
  
  3b1b2b67d57db3bd524d256eddba4af0_NeikiAnalytics.exe
- Size
  
  80KB
- MD5
  
  3b1b2b67d57db3bd524d256eddba4af0
- SHA1
  
  d48447a49f73638befdab7720b84feb865877bf1
- SHA256
  
  7db56a5fa35f5fd3580fbccdb3fe4c26971292836ec519195fa320e7f1a5a0bc
- SHA512
  
  e5afa2fd2ac70d948531c4e1115bfee3485384209d5563fe8148504e5317d383f99d11ed31fdc2b0a71244a31a8f313aecd5703f2fa13187e86d2b965a9cabb8
- SSDEEP
  
  1536:6zfMMkqZPUMRsNFljx5sGOgMsqPhd976zdNE6ecbe1wA2sAVz8:AfMibQPj7Msq5j5cUwAZ4Q
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2