a720d91f6098160e9c38b7ee435de332b7c3448846bca4765eae0ffbcde4ea6f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9e1711ca3952b3b04102326ffe02f540_NeikiAnalytics.exe
Size

12KB
Sample

240614-dtjjvaxbqn
MD5

9e1711ca3952b3b04102326ffe02f540
SHA1

284a95663c2d8dd457f17e155ae0738836630c4d
SHA256

a720d91f6098160e9c38b7ee435de332b7c3448846bca4765eae0ffbcde4ea6f
SHA512

4b4342feb5ab235810ae1f3a32011646cf89e4fa05de8645863a4e1b7f9f20e1e73d063e7c0be64e725b93f502ca39440c9ef9d75f6163e1659baae053129679
SSDEEP

384:hL7li/2zAkq2DcEQvdQcJKLTp/NK9xaKL:B80MCQ9cKL

Score

7^/10

Malware Config

Targets

- Target
  
  9e1711ca3952b3b04102326ffe02f540_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  9e1711ca3952b3b04102326ffe02f540
- SHA1
  
  284a95663c2d8dd457f17e155ae0738836630c4d
- SHA256
  
  a720d91f6098160e9c38b7ee435de332b7c3448846bca4765eae0ffbcde4ea6f
- SHA512
  
  4b4342feb5ab235810ae1f3a32011646cf89e4fa05de8645863a4e1b7f9f20e1e73d063e7c0be64e725b93f502ca39440c9ef9d75f6163e1659baae053129679
- SSDEEP
  
  384:hL7li/2zAkq2DcEQvdQcJKLTp/NK9xaKL:B80MCQ9cKL
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2