384787235065f529d81f53826c0f9d34ebd52c1643250e64d1911faea633cc3b | Triage

Sharing

General

Target

4edb786a77b0bab6829d8a6b570d60f0_NeikiAnalytics.exe
Size

12KB
Sample

240613-aencpszfjk
MD5

4edb786a77b0bab6829d8a6b570d60f0
SHA1

11f5d60f4acc562fcf145d9886cdcbd8539885a2
SHA256

384787235065f529d81f53826c0f9d34ebd52c1643250e64d1911faea633cc3b
SHA512

45230eee011f32f75ff775c83d92a219ac9576567e3254fc479385ec121dbd0caca1f04648dd7c5ff5def568971f97c38cfc328fd5074f98f9bd91ae3cdc3805
SSDEEP

384:GL7li/2zNq2DcEQvdQcJKLTp/NK9xaPA:g9MCQ9cPA

Score

7^/10

Malware Config

Targets

- Target
  
  4edb786a77b0bab6829d8a6b570d60f0_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  4edb786a77b0bab6829d8a6b570d60f0
- SHA1
  
  11f5d60f4acc562fcf145d9886cdcbd8539885a2
- SHA256
  
  384787235065f529d81f53826c0f9d34ebd52c1643250e64d1911faea633cc3b
- SHA512
  
  45230eee011f32f75ff775c83d92a219ac9576567e3254fc479385ec121dbd0caca1f04648dd7c5ff5def568971f97c38cfc328fd5074f98f9bd91ae3cdc3805
- SSDEEP
  
  384:GL7li/2zNq2DcEQvdQcJKLTp/NK9xaPA:g9MCQ9cPA
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2