fb50b6a71a516686d6e468384844a6cc2c1604a0490fb978541e8d5ed1c7442d | Triage

Sharing

General

Target

12e40db81d4bb74b6d9370470ffb93e0_NeikiAnalytics.exe
Size

12KB
Sample

240610-pdtwesad7w
MD5

12e40db81d4bb74b6d9370470ffb93e0
SHA1

cbbde5a9f1485b5d1ffc8b97d6a9731c13fdcdca
SHA256

fb50b6a71a516686d6e468384844a6cc2c1604a0490fb978541e8d5ed1c7442d
SHA512

1fc5536772c2b847814493a99cd932e28f050aeddf40f427aa653c4263eedb7a0013aa643af42220ccc5d5629c77020dae9b2da5504efff99088399d8fb194df
SSDEEP

384:BL7li/2zBq2DcEQvdQcJKLTp/NK9xa91:hhMCQ9c91

Score

7^/10

Malware Config

Targets

- Target
  
  12e40db81d4bb74b6d9370470ffb93e0_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  12e40db81d4bb74b6d9370470ffb93e0
- SHA1
  
  cbbde5a9f1485b5d1ffc8b97d6a9731c13fdcdca
- SHA256
  
  fb50b6a71a516686d6e468384844a6cc2c1604a0490fb978541e8d5ed1c7442d
- SHA512
  
  1fc5536772c2b847814493a99cd932e28f050aeddf40f427aa653c4263eedb7a0013aa643af42220ccc5d5629c77020dae9b2da5504efff99088399d8fb194df
- SSDEEP
  
  384:BL7li/2zBq2DcEQvdQcJKLTp/NK9xa91:hhMCQ9c91
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2