14653d8261bce4c0e8cb96d101cc8c1298509dc81814805eeae30308994ab934 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

47c389a4e194f1b139176b9b3ea6a650_NeikiAnalytics.exe
Size

12KB
Sample

240605-hw9w2ahh66
MD5

47c389a4e194f1b139176b9b3ea6a650
SHA1

befbd505bfd56c6e1d4bdcdad58c3079ffb4483c
SHA256

14653d8261bce4c0e8cb96d101cc8c1298509dc81814805eeae30308994ab934
SHA512

ab02d0cb85cf6cf018ccae9e81ebaca04545f91bae766511c12b11e04c70a7991704e306cdccd96e3b235ec40dcf9d59d358c9f7994dcf4e00107ed22872e20b
SSDEEP

384:AL7li/2zZq2DcEQvdhcJKLTp/NK9xarU:e5M/Q9crU

Score

7^/10

Malware Config

Targets

- Target
  
  47c389a4e194f1b139176b9b3ea6a650_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  47c389a4e194f1b139176b9b3ea6a650
- SHA1
  
  befbd505bfd56c6e1d4bdcdad58c3079ffb4483c
- SHA256
  
  14653d8261bce4c0e8cb96d101cc8c1298509dc81814805eeae30308994ab934
- SHA512
  
  ab02d0cb85cf6cf018ccae9e81ebaca04545f91bae766511c12b11e04c70a7991704e306cdccd96e3b235ec40dcf9d59d358c9f7994dcf4e00107ed22872e20b
- SSDEEP
  
  384:AL7li/2zZq2DcEQvdhcJKLTp/NK9xarU:e5M/Q9crU
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2