General

  • Target

    966407312df1d773622080602f1ee5d0_NeikiAnalytics.exe

  • Size

    12KB

  • Sample

    240608-hqya2sah96

  • MD5

    966407312df1d773622080602f1ee5d0

  • SHA1

    2f16b9dfcd4e0dd01616ef1ff1983b348839c94f

  • SHA256

    0632a7c6bec36d9beb4b94bf0ca8e39f2284279804f9bfbc476b5a408b5a758d

  • SHA512

    58b1a02facd1d1c37bbd749629ea2403b6274e6a66aacfcdc824920468852fad88a2a3a980e3a88ec41b3bb3227d6206067433b60a9fd72ee88b9f7ec653561a

  • SSDEEP

    384:NL7li/2zhq2DcEQvdhcJKLTp/NK9xak0:dxM/Q9ck0

Score
7/10

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution
