e282d3607f5b07def18bbaa16c078baa000aef4eb3d48e615319c56761247993 | Triage

Sharing

General

Target

0f5abecd5dfc00bbc09f7052f6405f30_NeikiAnalytics.exe
Size

12KB
Sample

240606-nyjqhsdg2s
MD5

0f5abecd5dfc00bbc09f7052f6405f30
SHA1

251fb46678761cf1c29abdaebf5e616d3dfca8bc
SHA256

e282d3607f5b07def18bbaa16c078baa000aef4eb3d48e615319c56761247993
SHA512

093293378143fd640faa97a2249e63a63e183e2110f52350e30d18048554037c0271c6c25db2513a2909303c7a0b7ac51743bd74089aae22cc0523603904687d
SSDEEP

384:HL7li/2zHq2DcEQvdhcJKLTp/NK9xa+c:rjM/Q9c+c

Score

7^/10

Malware Config

Targets

- Target
  
  0f5abecd5dfc00bbc09f7052f6405f30_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  0f5abecd5dfc00bbc09f7052f6405f30
- SHA1
  
  251fb46678761cf1c29abdaebf5e616d3dfca8bc
- SHA256
  
  e282d3607f5b07def18bbaa16c078baa000aef4eb3d48e615319c56761247993
- SHA512
  
  093293378143fd640faa97a2249e63a63e183e2110f52350e30d18048554037c0271c6c25db2513a2909303c7a0b7ac51743bd74089aae22cc0523603904687d
- SSDEEP
  
  384:HL7li/2zHq2DcEQvdhcJKLTp/NK9xa+c:rjM/Q9c+c
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2