0083fe8ef5fa529b7cb67fdd3927d91ec3d8736beb405db8612e9aee10864bf1 | Triage

Sharing

General

Target

0a623403cd3a136d7a11530348715f00_NeikiAnalytics.exe
Size

12KB
Sample

240609-b99pvsce62
MD5

0a623403cd3a136d7a11530348715f00
SHA1

7b656d6e6a1732f8656969ae0f84c29d3615cabb
SHA256

0083fe8ef5fa529b7cb67fdd3927d91ec3d8736beb405db8612e9aee10864bf1
SHA512

a78912d7fb9881258dc5bdd57aa29c7ab644953b7df4650a8ba3d0dda407d28fd242d8140b44ff0f88282270efef355c920213e3bd6232b02b5c32b8af899d6c
SSDEEP

384:BL7li/2zjq2DcEQvdhcJKLTp/NK9xaLk:h/M/Q9cLk

Score

7^/10

Malware Config

Targets

- Target
  
  0a623403cd3a136d7a11530348715f00_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  0a623403cd3a136d7a11530348715f00
- SHA1
  
  7b656d6e6a1732f8656969ae0f84c29d3615cabb
- SHA256
  
  0083fe8ef5fa529b7cb67fdd3927d91ec3d8736beb405db8612e9aee10864bf1
- SHA512
  
  a78912d7fb9881258dc5bdd57aa29c7ab644953b7df4650a8ba3d0dda407d28fd242d8140b44ff0f88282270efef355c920213e3bd6232b02b5c32b8af899d6c
- SSDEEP
  
  384:BL7li/2zjq2DcEQvdhcJKLTp/NK9xaLk:h/M/Q9cLk
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2