fc9c4c22d6b9b6d33c7c7c290b67562835a0e884f3e4f186c9c4abf326b4c437 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5d1bb8529b16b6062830573ba0bdb810_NeikiAnalytics.exe
Size

12KB
Sample

240607-qt931shh67
MD5

5d1bb8529b16b6062830573ba0bdb810
SHA1

2393b4c194b888f21dfb7670bf9844b64c873bd5
SHA256

fc9c4c22d6b9b6d33c7c7c290b67562835a0e884f3e4f186c9c4abf326b4c437
SHA512

b415d37612a82d8ad22eec54d1ca15a815f3619040bd977af5573ed5a45bf94071fb654b2e76da90c0ac0e27ef90105e38e2ebd1ee616f8c1a65bcfa2e0be6c9
SSDEEP

384:xL7li/2zOq2DcEQvdhcJKLTp/NK9xa+M:xmM/Q9c+M

Score

7^/10

Malware Config

Targets

- Target
  
  5d1bb8529b16b6062830573ba0bdb810_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  5d1bb8529b16b6062830573ba0bdb810
- SHA1
  
  2393b4c194b888f21dfb7670bf9844b64c873bd5
- SHA256
  
  fc9c4c22d6b9b6d33c7c7c290b67562835a0e884f3e4f186c9c4abf326b4c437
- SHA512
  
  b415d37612a82d8ad22eec54d1ca15a815f3619040bd977af5573ed5a45bf94071fb654b2e76da90c0ac0e27ef90105e38e2ebd1ee616f8c1a65bcfa2e0be6c9
- SSDEEP
  
  384:xL7li/2zOq2DcEQvdhcJKLTp/NK9xa+M:xmM/Q9c+M
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2