b443084a080b8af1283ad93a493eb5cf29d4ad00913be3d71165f51b9d9501b6 | Triage

Sharing

General

Target

02a111a60ac937beff32d2b4efe496f0_NeikiAnalytics.exe
Size

288KB
Sample

240604-zwsfescb42
MD5

02a111a60ac937beff32d2b4efe496f0
SHA1

7936a8bcb5c3eddba9195e893a65542e7cf35660
SHA256

b443084a080b8af1283ad93a493eb5cf29d4ad00913be3d71165f51b9d9501b6
SHA512

2f1b3358e75488ff1393b06d129ed23e1f636085d3c43ca898203b50e718b09efa01c2d4b791c9cc18ee4a5aa2e36c7537108877c565c2d1bfd73d8a7eaabdc8
SSDEEP

6144:HQ+Tyfx4NF67Sbq2nW82X45gc3BaLZVS0mOoC8zbzDie:HQMyfmNFHfnWfhLZVHmOog

Score

7^/10

Malware Config

Targets

- Target
  
  02a111a60ac937beff32d2b4efe496f0_NeikiAnalytics.exe
- Size
  
  288KB
- MD5
  
  02a111a60ac937beff32d2b4efe496f0
- SHA1
  
  7936a8bcb5c3eddba9195e893a65542e7cf35660
- SHA256
  
  b443084a080b8af1283ad93a493eb5cf29d4ad00913be3d71165f51b9d9501b6
- SHA512
  
  2f1b3358e75488ff1393b06d129ed23e1f636085d3c43ca898203b50e718b09efa01c2d4b791c9cc18ee4a5aa2e36c7537108877c565c2d1bfd73d8a7eaabdc8
- SSDEEP
  
  6144:HQ+Tyfx4NF67Sbq2nW82X45gc3BaLZVS0mOoC8zbzDie:HQMyfmNFHfnWfhLZVHmOog
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2