5c853ad8ed8af6672b0268061506bc4a32790bc8c3f9586b1eea10ee9f21f76f | Triage

Sharing

General

Target

5c853ad8ed8af6672b0268061506bc4a32790bc8c3f9586b1eea10ee9f21f76f_NeikiAnalytics.exe
Size

203KB
Sample

240627-g82krawgje
MD5

8af301f4a074c04c352f3f88b8eddbd0
SHA1

a3152c7712d398da9452603a425c7e50543dde97
SHA256

5c853ad8ed8af6672b0268061506bc4a32790bc8c3f9586b1eea10ee9f21f76f
SHA512

b72eaf7cbc99ed0f32092b5e3bc9afa3a9cad8d94aba76ac34aa8f2f9561dbeb51169b83e1ae519d9c8edbc51b8d28972f59888f840debb79fab16eca6e46660
SSDEEP

1536:AHtNFk+5wIaVanPSE8GHo7P1A4xVz28n8tonvZIqiauV:Adk+xagnPm/P1A4xVzkonviV

Score

7^/10

Malware Config

Targets

- Target
  
  5c853ad8ed8af6672b0268061506bc4a32790bc8c3f9586b1eea10ee9f21f76f_NeikiAnalytics.exe
- Size
  
  203KB
- MD5
  
  8af301f4a074c04c352f3f88b8eddbd0
- SHA1
  
  a3152c7712d398da9452603a425c7e50543dde97
- SHA256
  
  5c853ad8ed8af6672b0268061506bc4a32790bc8c3f9586b1eea10ee9f21f76f
- SHA512
  
  b72eaf7cbc99ed0f32092b5e3bc9afa3a9cad8d94aba76ac34aa8f2f9561dbeb51169b83e1ae519d9c8edbc51b8d28972f59888f840debb79fab16eca6e46660
- SSDEEP
  
  1536:AHtNFk+5wIaVanPSE8GHo7P1A4xVz28n8tonvZIqiauV:Adk+xagnPm/P1A4xVzkonviV
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2