24a8cd8aea3c786a001cae6c907bd85a707e25d8f04cb36bd27fc34e18f30f7f | Triage

Sharing

General

Target

426c6e1b1cdf078fe14dc121725beb90_NeikiAnalytics.exe
Size

12KB
Sample

240604-j3db3sad9s
MD5

426c6e1b1cdf078fe14dc121725beb90
SHA1

68ae76e5c5fc76875d82f4c94a57614b374fd4fd
SHA256

24a8cd8aea3c786a001cae6c907bd85a707e25d8f04cb36bd27fc34e18f30f7f
SHA512

c56c4e8059e95ecc5428b718fdbeb3104bb8477f6287d7f0150adee9f65946bb8b369dd7e84814a174423651b8f7d2c410a13fcc8a61b20a448ea5006098e99e
SSDEEP

384:5L7li/2zYq2DcEQvdhcJKLTp/NK9xawc:JkM/Q9cwc

Score

7^/10

Malware Config

Targets

- Target
  
  426c6e1b1cdf078fe14dc121725beb90_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  426c6e1b1cdf078fe14dc121725beb90
- SHA1
  
  68ae76e5c5fc76875d82f4c94a57614b374fd4fd
- SHA256
  
  24a8cd8aea3c786a001cae6c907bd85a707e25d8f04cb36bd27fc34e18f30f7f
- SHA512
  
  c56c4e8059e95ecc5428b718fdbeb3104bb8477f6287d7f0150adee9f65946bb8b369dd7e84814a174423651b8f7d2c410a13fcc8a61b20a448ea5006098e99e
- SSDEEP
  
  384:5L7li/2zYq2DcEQvdhcJKLTp/NK9xawc:JkM/Q9cwc
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2