07b40675b4003bff65d795498f5dd78a7e17c2f2d16bebb066930312c3076310 | Triage

Submit
Reports

Overview

overview

Static

static

7

27574d1a4e...cs.exe

windows7-x64

27574d1a4e...cs.exe

windows10-2004-x64

Sharing

General

Target

27574d1a4e9c677b95f8fa8287007480_NeikiAnalytics.exe
Size

114KB
Sample

240611-exdnfatfpb
MD5

27574d1a4e9c677b95f8fa8287007480
SHA1

b55f4fc8ec24ce7e50df98f8dac6719b37eeef8a
SHA256

07b40675b4003bff65d795498f5dd78a7e17c2f2d16bebb066930312c3076310
SHA512

eeba3cc04af091a88e982b32955fb20bb2cfca0ef9f1b5ec598258248538ca7dd570327879384d7503fbf7b64d8ce5b8bde1760427ea541dad0825bff1043e15
SSDEEP

768:3x/5inm+cd5rHemPXKqUEphjVuvios1rPr4adL0NqlJMU6wiK1rEKlcIQ1TTGfo8:3xRsvcdCQjosnvnZ6grfQ1b4L

Score

10^/10

upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

27574d1a4e9c677b95f8fa8287007480_NeikiAnalytics.exe

Resource

win7-20240221-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

27574d1a4e9c677b95f8fa8287007480_NeikiAnalytics.exe

Resource

win10v2004-20240426-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Credentials

Protocol: ftp
Host:
ftp.tripod.com
Port:
21
Username:
griptoloji
Password:
741852

Targets

- Target
  
  27574d1a4e9c677b95f8fa8287007480_NeikiAnalytics.exe
- Size
  
  114KB
- MD5
  
  27574d1a4e9c677b95f8fa8287007480
- SHA1
  
  b55f4fc8ec24ce7e50df98f8dac6719b37eeef8a
- SHA256
  
  07b40675b4003bff65d795498f5dd78a7e17c2f2d16bebb066930312c3076310
- SHA512
  
  eeba3cc04af091a88e982b32955fb20bb2cfca0ef9f1b5ec598258248538ca7dd570327879384d7503fbf7b64d8ce5b8bde1760427ea541dad0825bff1043e15
- SSDEEP
  
  768:3x/5inm+cd5rHemPXKqUEphjVuvios1rPr4adL0NqlJMU6wiK1rEKlcIQ1TTGfo8:3xRsvcdCQjosnvnZ6grfQ1b4L
Score

10^/10

upx
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy