2c6cbf836a326eb1f89160ae7673e86e63dbbae7c1a0eb96b106687b6cb59f8c | Triage

Sharing

General

Target

2c6cbf836a326eb1f89160ae7673e86e63dbbae7c1a0eb96b106687b6cb59f8c_NeikiAnalytics.exe
Size

12KB
Sample

240628-2zk7maxeqk
MD5

9cacc360b5d748d85dd00b8ce7188710
SHA1

ea832451eec9d8ea98873fb00c3bdabf891489b8
SHA256

2c6cbf836a326eb1f89160ae7673e86e63dbbae7c1a0eb96b106687b6cb59f8c
SHA512

1819dfdf92e7e95317a68235330728e87f5ffa8bfc1ab7d833829a8a3a06963f7ad5b275f47787f306018bfd1c49d8213825eb81b0f11d91fbf5d9c13e146f7c
SSDEEP

384:9L7li/2z7q2DcEQvdhcJKLTp/NK9xaAY:tnM/Q9cAY

Score

7^/10

Malware Config

Targets

- Target
  
  2c6cbf836a326eb1f89160ae7673e86e63dbbae7c1a0eb96b106687b6cb59f8c_NeikiAnalytics.exe
- Size
  
  12KB
- MD5
  
  9cacc360b5d748d85dd00b8ce7188710
- SHA1
  
  ea832451eec9d8ea98873fb00c3bdabf891489b8
- SHA256
  
  2c6cbf836a326eb1f89160ae7673e86e63dbbae7c1a0eb96b106687b6cb59f8c
- SHA512
  
  1819dfdf92e7e95317a68235330728e87f5ffa8bfc1ab7d833829a8a3a06963f7ad5b275f47787f306018bfd1c49d8213825eb81b0f11d91fbf5d9c13e146f7c
- SSDEEP
  
  384:9L7li/2z7q2DcEQvdhcJKLTp/NK9xaAY:tnM/Q9cAY
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Uses the VBS compiler for execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2