ee08fd8ca1521a0235d2da68c9f678b64808a05dd0a029fdb8b460ddcc805d89 | Triage

Sharing

General

Target

239d5037c422d8dce2cb66aa525f4ee0_NeikiAnalytics.exe
Size

12KB
Sample

240605-bhsx2ahe9x
MD5

239d5037c422d8dce2cb66aa525f4ee0
SHA1

bb2002a4ac84ed6ea8b548615d72cce7abc2348e
SHA256

ee08fd8ca1521a0235d2da68c9f678b64808a05dd0a029fdb8b460ddcc805d89
SHA512

2e1908acc5f30c759eb19942cf9d3ca3bf52073ee39c3f6837cdb109f68aef7b9c53d2d769fc235681c602fbdf9efdcaf344aa407302fa8aa856d151e72a14e3
SSDEEP

384:BL7li/2zEq2DcEQvdQcJKLTp/NK9xaR9:hAMCQ9cR9

Score

7^/10

Malware Config

Targets

- Target
  
  239d5037c422d8dce2cb66aa525f4ee0_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  239d5037c422d8dce2cb66aa525f4ee0
- SHA1
  
  bb2002a4ac84ed6ea8b548615d72cce7abc2348e
- SHA256
  
  ee08fd8ca1521a0235d2da68c9f678b64808a05dd0a029fdb8b460ddcc805d89
- SHA512
  
  2e1908acc5f30c759eb19942cf9d3ca3bf52073ee39c3f6837cdb109f68aef7b9c53d2d769fc235681c602fbdf9efdcaf344aa407302fa8aa856d151e72a14e3
- SSDEEP
  
  384:BL7li/2zEq2DcEQvdQcJKLTp/NK9xaR9:hAMCQ9cR9
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2