aee671737aa9407590a0a2295b0efc484ce0a75db66e87ad830335da949c0e4b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

27319f365886532150937d12fe4bda20_NeikiAnalytics.exe
Size

12KB
Sample

240611-etscestfjc
MD5

27319f365886532150937d12fe4bda20
SHA1

9a22a1e7e943b3c0f81c93d16c3a241b4db60bbe
SHA256

aee671737aa9407590a0a2295b0efc484ce0a75db66e87ad830335da949c0e4b
SHA512

e584339e8ecc64eeae2d442f672d77b926101c15501b5eed1d3435b6e6adeb52dc23c05a741077619370ca8c6d76ef9162701dcc2fcc1cb45b7f3a97afb30c4d
SSDEEP

384:QL7li/2zGq2DcEQvdhcJKLTp/NK9xa+T:OGM/Q9c+T

Score

7^/10

Malware Config

Targets

- Target
  
  27319f365886532150937d12fe4bda20_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  27319f365886532150937d12fe4bda20
- SHA1
  
  9a22a1e7e943b3c0f81c93d16c3a241b4db60bbe
- SHA256
  
  aee671737aa9407590a0a2295b0efc484ce0a75db66e87ad830335da949c0e4b
- SHA512
  
  e584339e8ecc64eeae2d442f672d77b926101c15501b5eed1d3435b6e6adeb52dc23c05a741077619370ca8c6d76ef9162701dcc2fcc1cb45b7f3a97afb30c4d
- SSDEEP
  
  384:QL7li/2zGq2DcEQvdhcJKLTp/NK9xa+T:OGM/Q9c+T
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2