541309bc11556d4827d2e42a1a917dcb64211d94bf8853e85e3016233e75eff2 | Triage

Sharing

General

Target

06dd75ba44c36922bd739f6df6a3b1e0_NeikiAnalytics.exe
Size

12KB
Sample

240606-ma46wadg63
MD5

06dd75ba44c36922bd739f6df6a3b1e0
SHA1

5134c6f1457b9347f807e384d7538bb8d6024626
SHA256

541309bc11556d4827d2e42a1a917dcb64211d94bf8853e85e3016233e75eff2
SHA512

28cb4e58a9f2573b347aa114671ec9fe8bc2861a41ca218c955999bd9858e209b7a4ac0e1f7c856d4d85ddf961ab7a85385170bf52721e7869ce1ef3bfe80cfc
SSDEEP

384:8L7li/2zvq2DcEQvdhcJKLTp/NK9xa8p:a7M/Q9c8p

Score

7^/10

Malware Config

Targets

- Target
  
  06dd75ba44c36922bd739f6df6a3b1e0_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  06dd75ba44c36922bd739f6df6a3b1e0
- SHA1
  
  5134c6f1457b9347f807e384d7538bb8d6024626
- SHA256
  
  541309bc11556d4827d2e42a1a917dcb64211d94bf8853e85e3016233e75eff2
- SHA512
  
  28cb4e58a9f2573b347aa114671ec9fe8bc2861a41ca218c955999bd9858e209b7a4ac0e1f7c856d4d85ddf961ab7a85385170bf52721e7869ce1ef3bfe80cfc
- SSDEEP
  
  384:8L7li/2zvq2DcEQvdhcJKLTp/NK9xa8p:a7M/Q9c8p
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2