d8d74253058caa01e35b89504d1867a6171cab467f7857296c7d689bbc55c259 | Triage

Sharing

General

Target

950e73d2851de078803c4fa343dd9150_NeikiAnalytics.exe
Size

55KB
Sample

240608-hexkdaag87
MD5

950e73d2851de078803c4fa343dd9150
SHA1

d370a583e1ff7be085ed0f15be90c49fc2d03e14
SHA256

d8d74253058caa01e35b89504d1867a6171cab467f7857296c7d689bbc55c259
SHA512

dc44982e9490a3225bbf1e7e38dc55703a1769a1303c18bfcab0fd0f63397fc581d0f1273c046050a777a62fc5dc09fc2834f98894778b094617da133950d319
SSDEEP

768:MApQr0DWvdFJI34HGxusOy9Rp1pLeAxoeC48PqK1OtaP6cCFzENREMZ7vs/FJU:MAaJJlTsh7pWezEPJB+OeJU

Score

7^/10

Malware Config

Targets

- Target
  
  950e73d2851de078803c4fa343dd9150_NeikiAnalytics.exe
- Size
  
  55KB
- MD5
  
  950e73d2851de078803c4fa343dd9150
- SHA1
  
  d370a583e1ff7be085ed0f15be90c49fc2d03e14
- SHA256
  
  d8d74253058caa01e35b89504d1867a6171cab467f7857296c7d689bbc55c259
- SHA512
  
  dc44982e9490a3225bbf1e7e38dc55703a1769a1303c18bfcab0fd0f63397fc581d0f1273c046050a777a62fc5dc09fc2834f98894778b094617da133950d319
- SSDEEP
  
  768:MApQr0DWvdFJI34HGxusOy9Rp1pLeAxoeC48PqK1OtaP6cCFzENREMZ7vs/FJU:MAaJJlTsh7pWezEPJB+OeJU
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2