1ee57cbd1f0b6b663c4c9ffb24a3e116735c36470d62eca6096a4147526d4eb5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

af8d238015c563d839f13534630bafe0_NeikiAnalytics.exe
Size

12KB
Sample

240604-lrbefscd4s
MD5

af8d238015c563d839f13534630bafe0
SHA1

136891d91d7b8c7c70742b66706e17e10914794e
SHA256

1ee57cbd1f0b6b663c4c9ffb24a3e116735c36470d62eca6096a4147526d4eb5
SHA512

eaab433460fa7f8940ec85ecbdc988fd0138597f06926cd7b9ce1cbc12883211381c063d9d0bd7fe01584147178c4303b74c6f0f30de3f7c99f391e3cc0ef9ee
SSDEEP

384:ML7li/2zSq2DcEQvdhcJKLTp/NK9xaAb:KqM/Q9cAb

Score

7^/10

Malware Config

Targets

- Target
  
  af8d238015c563d839f13534630bafe0_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  af8d238015c563d839f13534630bafe0
- SHA1
  
  136891d91d7b8c7c70742b66706e17e10914794e
- SHA256
  
  1ee57cbd1f0b6b663c4c9ffb24a3e116735c36470d62eca6096a4147526d4eb5
- SHA512
  
  eaab433460fa7f8940ec85ecbdc988fd0138597f06926cd7b9ce1cbc12883211381c063d9d0bd7fe01584147178c4303b74c6f0f30de3f7c99f391e3cc0ef9ee
- SSDEEP
  
  384:ML7li/2zSq2DcEQvdhcJKLTp/NK9xaAb:KqM/Q9cAb
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2