3b490f1e64ead89a9c4b73833c0a3c97335c97f4d8cb8b3537375db169dc7027 | Triage

Sharing

General

Target

2adfbb015ba1294faa1ce39c74a48340_NeikiAnalytics.exe
Size

12KB
Sample

240611-g7lsxaxejh
MD5

2adfbb015ba1294faa1ce39c74a48340
SHA1

51fd81d70656c0beaba890dbd64f2636d716f037
SHA256

3b490f1e64ead89a9c4b73833c0a3c97335c97f4d8cb8b3537375db169dc7027
SHA512

a761bc476f6237391b95235f47eb97dae309c9cd9141bfb7409b68923bd78575ea5d6cf57d7ad48877d035bd740a4ec3405a15e19c9408eae121081daf63d4b0
SSDEEP

384:jL7li/2zwq2DcEQvdQcJKLTp/NK9xa+i:nEMCQ9c+i

Score

7^/10

Malware Config

Targets

- Target
  
  2adfbb015ba1294faa1ce39c74a48340_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  2adfbb015ba1294faa1ce39c74a48340
- SHA1
  
  51fd81d70656c0beaba890dbd64f2636d716f037
- SHA256
  
  3b490f1e64ead89a9c4b73833c0a3c97335c97f4d8cb8b3537375db169dc7027
- SHA512
  
  a761bc476f6237391b95235f47eb97dae309c9cd9141bfb7409b68923bd78575ea5d6cf57d7ad48877d035bd740a4ec3405a15e19c9408eae121081daf63d4b0
- SSDEEP
  
  384:jL7li/2zwq2DcEQvdQcJKLTp/NK9xa+i:nEMCQ9c+i
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2