add4024718e8b773659c12d00544ccc47efe2fb86fe5ec66276337233e1eaf81 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

260f53f22405d7c7816bad3522db2390_NeikiAnalytics.exe
Size

12KB
Sample

240611-d1qazatbjq
MD5

260f53f22405d7c7816bad3522db2390
SHA1

0e399de373326e40f5f98668a83fc571285c84d7
SHA256

add4024718e8b773659c12d00544ccc47efe2fb86fe5ec66276337233e1eaf81
SHA512

c43a5ec3bdc54b7561fa70e1ad88a7b4b7166381cc8c4235fa3bb4c2a427fcea9f907672cdb5a48c49717426f77c3f9090f02f556a17e44c70af72d279a19a6e
SSDEEP

384:1L7li/2zAkq2DcEQvdhcJKLTp/NK9xan5:V80M/Q9cn5

Score

7^/10

Malware Config

Targets

- Target
  
  260f53f22405d7c7816bad3522db2390_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  260f53f22405d7c7816bad3522db2390
- SHA1
  
  0e399de373326e40f5f98668a83fc571285c84d7
- SHA256
  
  add4024718e8b773659c12d00544ccc47efe2fb86fe5ec66276337233e1eaf81
- SHA512
  
  c43a5ec3bdc54b7561fa70e1ad88a7b4b7166381cc8c4235fa3bb4c2a427fcea9f907672cdb5a48c49717426f77c3f9090f02f556a17e44c70af72d279a19a6e
- SSDEEP
  
  384:1L7li/2zAkq2DcEQvdhcJKLTp/NK9xan5:V80M/Q9cn5
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2