23c77cdc3cc09a94df9a30f9894a403c2ef2667a4f62d8fbe8f8de93192c75d6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1b5988196ba6f923121dff0bcb7b0bf0_NeikiAnalytics.exe
Size

12KB
Sample

240610-zwjtaa1bkp
MD5

1b5988196ba6f923121dff0bcb7b0bf0
SHA1

339a2ed582b4eb9cc133caf2335e0bbdcb8c7ba1
SHA256

23c77cdc3cc09a94df9a30f9894a403c2ef2667a4f62d8fbe8f8de93192c75d6
SHA512

cc58f7e8b683a03cf9c873f712dbbe9e74d2ed7390a9a695416abc9ff5ab177e89885ef7f9117afeb1fc0c367ef7f0a0faf78a0979f4ae6ad7a22656432d9404
SSDEEP

384:HL7li/2zBq2DcEQvdhcJKLTp/NK9xa03:rxM/Q9c03

Score

7^/10

Malware Config

Targets

- Target
  
  1b5988196ba6f923121dff0bcb7b0bf0_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  1b5988196ba6f923121dff0bcb7b0bf0
- SHA1
  
  339a2ed582b4eb9cc133caf2335e0bbdcb8c7ba1
- SHA256
  
  23c77cdc3cc09a94df9a30f9894a403c2ef2667a4f62d8fbe8f8de93192c75d6
- SHA512
  
  cc58f7e8b683a03cf9c873f712dbbe9e74d2ed7390a9a695416abc9ff5ab177e89885ef7f9117afeb1fc0c367ef7f0a0faf78a0979f4ae6ad7a22656432d9404
- SSDEEP
  
  384:HL7li/2zBq2DcEQvdhcJKLTp/NK9xa03:rxM/Q9c03
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2