4945e070694e0ba643197930ec6c62d372c6fd0a8c19aa9d0ff30fe0a7e5d0e0 | Triage

Sharing

General

Target

4945e070694e0ba643197930ec6c62d372c6fd0a8c19aa9d0ff30fe0a7e5d0e0_NeikiAnalytics.exe
Size

41KB
Sample

240624-g71basyhqh
MD5

7a5780ffe34014be8bf1e63c79bd2eb0
SHA1

5e5040bfd1efb8841eb312202a7de01146833118
SHA256

4945e070694e0ba643197930ec6c62d372c6fd0a8c19aa9d0ff30fe0a7e5d0e0
SHA512

6a633eca1c96d2542d9139741dde899369ad56c6aa1b0645eab71121ab3ebff99ef2f5448632816a13da24ce0cd47007290b6a803a5a3e8e863c6355fe50df69
SSDEEP

384:DLR7iSYIwM+6GyXzQNSOwOmOzO6iQspWGqYx1jYCKt7VpEi6xX+K2OexXjbuR6x0:DLR7ix70zQozpW7YYCqgiQ0OEmAmMn9O

Score

7^/10

Malware Config

Targets

- Target
  
  4945e070694e0ba643197930ec6c62d372c6fd0a8c19aa9d0ff30fe0a7e5d0e0_NeikiAnalytics.exe
- Size
  
  41KB
- MD5
  
  7a5780ffe34014be8bf1e63c79bd2eb0
- SHA1
  
  5e5040bfd1efb8841eb312202a7de01146833118
- SHA256
  
  4945e070694e0ba643197930ec6c62d372c6fd0a8c19aa9d0ff30fe0a7e5d0e0
- SHA512
  
  6a633eca1c96d2542d9139741dde899369ad56c6aa1b0645eab71121ab3ebff99ef2f5448632816a13da24ce0cd47007290b6a803a5a3e8e863c6355fe50df69
- SSDEEP
  
  384:DLR7iSYIwM+6GyXzQNSOwOmOzO6iQspWGqYx1jYCKt7VpEi6xX+K2OexXjbuR6x0:DLR7ix70zQozpW7YYCqgiQ0OEmAmMn9O
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2