324b7e7a3cf7cb9a7f30ff559c8e7dd7149c7da803b3b5eb42de45b57aa2dbb0 | Triage

Sharing

General

Target

324b7e7a3cf7cb9a7f30ff559c8e7dd7149c7da803b3b5eb42de45b57aa2dbb0_NeikiAnalytics.exe
Size

531KB
Sample

240624-c34qpsyenm
MD5

3a72bb6ed6da0ad443195da42acd22c0
SHA1

2b94d0da17b9d8e24e8613d3d93332c03cfe340e
SHA256

324b7e7a3cf7cb9a7f30ff559c8e7dd7149c7da803b3b5eb42de45b57aa2dbb0
SHA512

f9a07082b1ff1f4b77beb1d49909f461bad8f150e96292c36389b6a59135e87d2b3de434ac874f9acb1cc7a3d8fc3cb74f96cb749dca09893a61bc8f056dac24
SSDEEP

3072:4Cao5s1x1Pkl0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAxp:4qal8l0xPTMiR9JSSxPUKYGdodHm

Score

7^/10

Malware Config

Targets

- Target
  
  324b7e7a3cf7cb9a7f30ff559c8e7dd7149c7da803b3b5eb42de45b57aa2dbb0_NeikiAnalytics.exe
- Size
  
  531KB
- MD5
  
  3a72bb6ed6da0ad443195da42acd22c0
- SHA1
  
  2b94d0da17b9d8e24e8613d3d93332c03cfe340e
- SHA256
  
  324b7e7a3cf7cb9a7f30ff559c8e7dd7149c7da803b3b5eb42de45b57aa2dbb0
- SHA512
  
  f9a07082b1ff1f4b77beb1d49909f461bad8f150e96292c36389b6a59135e87d2b3de434ac874f9acb1cc7a3d8fc3cb74f96cb749dca09893a61bc8f056dac24
- SSDEEP
  
  3072:4Cao5s1x1Pkl0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAxp:4qal8l0xPTMiR9JSSxPUKYGdodHm
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2