a9aa249fdd5dfe74d0eb26a4fb2d2de291907a50982921872ef868d0f69407af | Triage

Sharing

Copy URL Twitter E-mail

General

Target

26a300afe029915a17ef3c1c676ec990_NeikiAnalytics.exe
Size

12KB
Sample

240607-aek8caeb2v
MD5

26a300afe029915a17ef3c1c676ec990
SHA1

51c0a18403ef3e169ac77bee66cfd16d35232732
SHA256

a9aa249fdd5dfe74d0eb26a4fb2d2de291907a50982921872ef868d0f69407af
SHA512

9431c483d81029301bf6fe177178138ce8058b1b10f714771f04d19d269064930940e5bb53b5e98e2fe7772cbc8e6be59715e91e90fc48536a165dfda831cb65
SSDEEP

384:5L7li/2zqq2DcEQvdhcJKLTp/NK9xa4s:JiM/Q9c4s

Score

7^/10

Malware Config

Targets

- Target
  
  26a300afe029915a17ef3c1c676ec990_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  26a300afe029915a17ef3c1c676ec990
- SHA1
  
  51c0a18403ef3e169ac77bee66cfd16d35232732
- SHA256
  
  a9aa249fdd5dfe74d0eb26a4fb2d2de291907a50982921872ef868d0f69407af
- SHA512
  
  9431c483d81029301bf6fe177178138ce8058b1b10f714771f04d19d269064930940e5bb53b5e98e2fe7772cbc8e6be59715e91e90fc48536a165dfda831cb65
- SSDEEP
  
  384:5L7li/2zqq2DcEQvdhcJKLTp/NK9xa4s:JiM/Q9c4s
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2