c9914c5bd169d2dbfffce50f4835d9d94d32392108facd9bb338805967bc0cc9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

60c092aed87aa2b32bf978fe7f5dff90_NeikiAnalytics.exe
Size

80KB
Sample

240607-rqendahe8s
MD5

60c092aed87aa2b32bf978fe7f5dff90
SHA1

a29452e822e2ddd0729701e97dde2b35db50e35b
SHA256

c9914c5bd169d2dbfffce50f4835d9d94d32392108facd9bb338805967bc0cc9
SHA512

6529e6d3d58ffcd1ba3b0d440f19e5cffbe5dd04e72bc85ba20a544062129acaa5302ef103a8b6dd534e3e992f82e5b30d0cc3512fa2e7aede35efd36ab6753a
SSDEEP

1536:bDcWLfIbgEp10gyX/dtnTHNWnnn6222229T:bDXL0n0gyX/d1re22229T

Score

8^/10

evasion

Malware Config

Targets

- Target
  
  60c092aed87aa2b32bf978fe7f5dff90_NeikiAnalytics.exe
- Size
  
  80KB
- MD5
  
  60c092aed87aa2b32bf978fe7f5dff90
- SHA1
  
  a29452e822e2ddd0729701e97dde2b35db50e35b
- SHA256
  
  c9914c5bd169d2dbfffce50f4835d9d94d32392108facd9bb338805967bc0cc9
- SHA512
  
  6529e6d3d58ffcd1ba3b0d440f19e5cffbe5dd04e72bc85ba20a544062129acaa5302ef103a8b6dd534e3e992f82e5b30d0cc3512fa2e7aede35efd36ab6753a
- SSDEEP
  
  1536:bDcWLfIbgEp10gyX/dtnTHNWnnn6222229T:bDXL0n0gyX/d1re22229T
Score

8^/10

evasion
- Sets file to hidden
  Modifies file attributes to stop it showing in Explorer etc.
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2