9870a66b5265880a8c4dc8840e0df1927efea750e5bca070ef1c24e03f07036d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8677feac618202c7e5ffce439a65ed60_NeikiAnalytics.exe
Size

12KB
Sample

240608-dlcrbsgh88
MD5

8677feac618202c7e5ffce439a65ed60
SHA1

4ee5b5fd96acba31cfdb86a6bc82acc1e22fc5ba
SHA256

9870a66b5265880a8c4dc8840e0df1927efea750e5bca070ef1c24e03f07036d
SHA512

b2d845bdde89e159b553c064c912eff28a0e3f2112cadc01acee066757cdb78ec16f2ff282cb78569af45b59c9d43e25b8c68aa970beecea205c6d2a0144df79
SSDEEP

384:IL7li/2zwq2DcEQvdhcJKLTp/NK9xaZO:2MM/Q9cZO

Score

7^/10

Malware Config

Targets

- Target
  
  8677feac618202c7e5ffce439a65ed60_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  8677feac618202c7e5ffce439a65ed60
- SHA1
  
  4ee5b5fd96acba31cfdb86a6bc82acc1e22fc5ba
- SHA256
  
  9870a66b5265880a8c4dc8840e0df1927efea750e5bca070ef1c24e03f07036d
- SHA512
  
  b2d845bdde89e159b553c064c912eff28a0e3f2112cadc01acee066757cdb78ec16f2ff282cb78569af45b59c9d43e25b8c68aa970beecea205c6d2a0144df79
- SSDEEP
  
  384:IL7li/2zwq2DcEQvdhcJKLTp/NK9xaZO:2MM/Q9cZO
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2