ac188a281d96b76e71ac258de5f514a27ef5b3f59f7357e02390715e0c309f0c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2ea30943076c0c42f69718cc83fe9df0_NeikiAnalytics.exe
Size

12KB
Sample

240607-r47ajshh51
MD5

2ea30943076c0c42f69718cc83fe9df0
SHA1

17b2d6161680e8a763766a58d418fabec9ca6b11
SHA256

ac188a281d96b76e71ac258de5f514a27ef5b3f59f7357e02390715e0c309f0c
SHA512

500ae93da34f3a30e04e835bfd5a656d2b87e4d61e2e2224d5af98c7a0d612281aef7d0c01b71face2afb3f30d0a3736fdb4838182f2ddc85e3a01bd733a2292
SSDEEP

384:iL7li/2zAq2DcEQvdhcJKLTp/NK9xaPo:8MM/Q9cPo

Score

7^/10

Malware Config

Targets

- Target
  
  2ea30943076c0c42f69718cc83fe9df0_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  2ea30943076c0c42f69718cc83fe9df0
- SHA1
  
  17b2d6161680e8a763766a58d418fabec9ca6b11
- SHA256
  
  ac188a281d96b76e71ac258de5f514a27ef5b3f59f7357e02390715e0c309f0c
- SHA512
  
  500ae93da34f3a30e04e835bfd5a656d2b87e4d61e2e2224d5af98c7a0d612281aef7d0c01b71face2afb3f30d0a3736fdb4838182f2ddc85e3a01bd733a2292
- SSDEEP
  
  384:iL7li/2zAq2DcEQvdhcJKLTp/NK9xaPo:8MM/Q9cPo
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2