398deb4ed694c71ca48f6fb70cd669e6743f64acf8d1d7ad4bcc9bd095549f76 | Triage

Sharing

General

Target

4e0ac92347b930531fa7cce4144b5600_NeikiAnalytics.exe
Size

12KB
Sample

240607-mes96seg4s
MD5

4e0ac92347b930531fa7cce4144b5600
SHA1

f96cba060a83722e90cec4ef58cccd63b25277ae
SHA256

398deb4ed694c71ca48f6fb70cd669e6743f64acf8d1d7ad4bcc9bd095549f76
SHA512

b55a040d1f4f3ee6aecbd0ffd867d39396b4f2d36c30156352b0e4328683f39430621cdc889684b3db6fdafcef82cf1cee50541a7caf799a25967d131a117422
SSDEEP

384:OL7li/2z7q2DcEQvdhcJKLTp/NK9xahK:YHM/Q9chK

Score

7^/10

Malware Config

Targets

- Target
  
  4e0ac92347b930531fa7cce4144b5600_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  4e0ac92347b930531fa7cce4144b5600
- SHA1
  
  f96cba060a83722e90cec4ef58cccd63b25277ae
- SHA256
  
  398deb4ed694c71ca48f6fb70cd669e6743f64acf8d1d7ad4bcc9bd095549f76
- SHA512
  
  b55a040d1f4f3ee6aecbd0ffd867d39396b4f2d36c30156352b0e4328683f39430621cdc889684b3db6fdafcef82cf1cee50541a7caf799a25967d131a117422
- SSDEEP
  
  384:OL7li/2z7q2DcEQvdhcJKLTp/NK9xahK:YHM/Q9chK
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2