28eb3beb520000445ad2d399c6a67e1ca2eab0a360a7aeeb39eca6aaff3a19d0 | Triage

Sharing

General

Target

152e047a90b072967e1ed9d0f8fa2640_NeikiAnalytics.exe
Size

12KB
Sample

240609-hyy8bafd2s
MD5

152e047a90b072967e1ed9d0f8fa2640
SHA1

e43716c46e584735510d8f1fc2368e437802305e
SHA256

28eb3beb520000445ad2d399c6a67e1ca2eab0a360a7aeeb39eca6aaff3a19d0
SHA512

e453e420e9726333fa52aa9dc4783d25907019179eb382d7ebec2a945bd481d017b3e8574a8f632cfd8d3795936c2d578cfc61201757db3d3db244a54e596a80
SSDEEP

384:1L7li/2zUq2DcEQvdhcJKLTp/NK9xaME:VIM/Q9cME

Score

7^/10

Malware Config

Targets

- Target
  
  152e047a90b072967e1ed9d0f8fa2640_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  152e047a90b072967e1ed9d0f8fa2640
- SHA1
  
  e43716c46e584735510d8f1fc2368e437802305e
- SHA256
  
  28eb3beb520000445ad2d399c6a67e1ca2eab0a360a7aeeb39eca6aaff3a19d0
- SHA512
  
  e453e420e9726333fa52aa9dc4783d25907019179eb382d7ebec2a945bd481d017b3e8574a8f632cfd8d3795936c2d578cfc61201757db3d3db244a54e596a80
- SSDEEP
  
  384:1L7li/2zUq2DcEQvdhcJKLTp/NK9xaME:VIM/Q9cME
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2