b5a10f8d385bb9c879dfed2d952439ca11cc9657afa81b2bf5063449754f0356 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

89cac77108584710e33661b9cd4c9cb0_NeikiAnalytics.exe
Size

12KB
Sample

240613-1qccpavgkq
MD5

89cac77108584710e33661b9cd4c9cb0
SHA1

a9e3b4e6ccd7fef25316149cc9f3021b1caf686c
SHA256

b5a10f8d385bb9c879dfed2d952439ca11cc9657afa81b2bf5063449754f0356
SHA512

8202064c019e641d9ce85528bc62c5a8c05bbe7b36e3fbd68cc51ce6428675c7821e2023554d1257bcde1cd757d9eb9be08425036852d777cbbb385866f8eda1
SSDEEP

384:2L7li/2zcq2DcEQvdQcJKLTp/NK9xaPR:wYMCQ9cPR

Score

7^/10

Malware Config

Targets

- Target
  
  89cac77108584710e33661b9cd4c9cb0_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  89cac77108584710e33661b9cd4c9cb0
- SHA1
  
  a9e3b4e6ccd7fef25316149cc9f3021b1caf686c
- SHA256
  
  b5a10f8d385bb9c879dfed2d952439ca11cc9657afa81b2bf5063449754f0356
- SHA512
  
  8202064c019e641d9ce85528bc62c5a8c05bbe7b36e3fbd68cc51ce6428675c7821e2023554d1257bcde1cd757d9eb9be08425036852d777cbbb385866f8eda1
- SSDEEP
  
  384:2L7li/2zcq2DcEQvdQcJKLTp/NK9xaPR:wYMCQ9cPR
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2