eb8f94a7ed05a3972b9d53d9c50add9c06324dda19774e403bfe2be924515a99 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4b2493295303400c36fbc99285710fe0_NeikiAnalytics.exe
Size

12KB
Sample

240605-j7v3pabd88
MD5

4b2493295303400c36fbc99285710fe0
SHA1

c2045cabb2078d4e217fe3631039b0e0a6f22596
SHA256

eb8f94a7ed05a3972b9d53d9c50add9c06324dda19774e403bfe2be924515a99
SHA512

4e3377da9d033ed1b3d505ce464946202c9c7cee77ff66bc83e21e7bac09a4b34418886350f56350c5ac8efcb21557b6e058c6f0dcc4692581c83cddf911a6f0
SSDEEP

384:0L7li/2zyJq2DcEQvdQcJKLTp/NK9xa4W:i0MCQ9c4W

Score

7^/10

Malware Config

Targets

- Target
  
  4b2493295303400c36fbc99285710fe0_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  4b2493295303400c36fbc99285710fe0
- SHA1
  
  c2045cabb2078d4e217fe3631039b0e0a6f22596
- SHA256
  
  eb8f94a7ed05a3972b9d53d9c50add9c06324dda19774e403bfe2be924515a99
- SHA512
  
  4e3377da9d033ed1b3d505ce464946202c9c7cee77ff66bc83e21e7bac09a4b34418886350f56350c5ac8efcb21557b6e058c6f0dcc4692581c83cddf911a6f0
- SSDEEP
  
  384:0L7li/2zyJq2DcEQvdQcJKLTp/NK9xa4W:i0MCQ9c4W
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2