f41daf6f135a0975abeeb2d532af1daa4c50e9a1abb63e5e31d98226ff47fc4a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

24da4fc28b1d329bd29f6f14dbb94ad0_NeikiAnalytics.exe
Size

62KB
Sample

240606-zgq9tach28
MD5

24da4fc28b1d329bd29f6f14dbb94ad0
SHA1

53cf980813398b8f9a89d8b90b3e643784681e73
SHA256

f41daf6f135a0975abeeb2d532af1daa4c50e9a1abb63e5e31d98226ff47fc4a
SHA512

1b37c1d3c39e392cb991416fdf9a17bec3df8f69e10c8997737f63b459a41ca039260f4fd96842ad6a9c7115b979d0b6cca32b139f741903701c9260f9096953
SSDEEP

768:MDcpEBMLfQcubV5wGE96YyXDTLddMMMMauuuuRwTTTT8kkkd:MDcfLfIbtEbyXfZYuuuuuTTTTF

Score

8^/10

evasion

Malware Config

Targets

- Target
  
  24da4fc28b1d329bd29f6f14dbb94ad0_NeikiAnalytics.exe
- Size
  
  62KB
- MD5
  
  24da4fc28b1d329bd29f6f14dbb94ad0
- SHA1
  
  53cf980813398b8f9a89d8b90b3e643784681e73
- SHA256
  
  f41daf6f135a0975abeeb2d532af1daa4c50e9a1abb63e5e31d98226ff47fc4a
- SHA512
  
  1b37c1d3c39e392cb991416fdf9a17bec3df8f69e10c8997737f63b459a41ca039260f4fd96842ad6a9c7115b979d0b6cca32b139f741903701c9260f9096953
- SSDEEP
  
  768:MDcpEBMLfQcubV5wGE96YyXDTLddMMMMauuuuRwTTTT8kkkd:MDcfLfIbtEbyXfZYuuuuuTTTTF
Score

8^/10

evasion
- Sets file to hidden
  Modifies file attributes to stop it showing in Explorer etc.
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2