2c1f6a28092c243d26d5b85d9ab9f9fcc41e58f5c00c3dd40a0d3445628c3847 | Triage

Sharing

General

Target

2c1f6a28092c243d26d5b85d9ab9f9fcc41e58f5c00c3dd40a0d3445628c3847_NeikiAnalytics.exe
Size

34KB
Sample

240620-dfnawavema
MD5

265aaf67e4d10b2d40a01e5484a64550
SHA1

28129246cc151853764942f90f7243b2bbb7ea1c
SHA256

2c1f6a28092c243d26d5b85d9ab9f9fcc41e58f5c00c3dd40a0d3445628c3847
SHA512

76203f554597855bb5fdf06c61c80b6385f8dfcbcbb896d3f0866da1dcc234592685c738d6fdb7885ab1c56fb873c042f4f052809365fc609a7b85f317ccd0d1
SSDEEP

384:bG74uGLLQRcsdeQ72ngEr4K7YmE8j60nrlwfjDUGTGXvJw+:bG74zYcgT/Ekd0ryfjkR

Score

7^/10

Malware Config

Targets

- Target
  
  2c1f6a28092c243d26d5b85d9ab9f9fcc41e58f5c00c3dd40a0d3445628c3847_NeikiAnalytics.exe
- Size
  
  34KB
- MD5
  
  265aaf67e4d10b2d40a01e5484a64550
- SHA1
  
  28129246cc151853764942f90f7243b2bbb7ea1c
- SHA256
  
  2c1f6a28092c243d26d5b85d9ab9f9fcc41e58f5c00c3dd40a0d3445628c3847
- SHA512
  
  76203f554597855bb5fdf06c61c80b6385f8dfcbcbb896d3f0866da1dcc234592685c738d6fdb7885ab1c56fb873c042f4f052809365fc609a7b85f317ccd0d1
- SSDEEP
  
  384:bG74uGLLQRcsdeQ72ngEr4K7YmE8j60nrlwfjDUGTGXvJw+:bG74zYcgT/Ekd0ryfjkR
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2