6086ae98113595799f520550226a7aa68d7d22df3cbd69d2c304e3ef84cbdbae | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6086ae98113595799f520550226a7aa68d7d22df3cbd69d2c304e3ef84cbdbae_NeikiAnalytics.exe
Size

532KB
Sample

240629-esrdqszhrf
MD5

4e134b5b1c7b13e36df85b15ef3300f0
SHA1

5dc34539207e32782abb5c301e5bd2dd069555c6
SHA256

6086ae98113595799f520550226a7aa68d7d22df3cbd69d2c304e3ef84cbdbae
SHA512

d573fd5029564bbd75044ea82a324780da47fd18410cf570568872d83001c9c3ddf7e22b5a86eb0f2b251fa94c2a83f76f60d0e01e5535607409cfa008d9a730
SSDEEP

3072:4Cao5s1x1Pkl0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAx5:4qal8l0xPTMiR9JSSxPUKYGdodH6

Score

7^/10

Malware Config

Targets

- Target
  
  6086ae98113595799f520550226a7aa68d7d22df3cbd69d2c304e3ef84cbdbae_NeikiAnalytics.exe
- Size
  
  532KB
- MD5
  
  4e134b5b1c7b13e36df85b15ef3300f0
- SHA1
  
  5dc34539207e32782abb5c301e5bd2dd069555c6
- SHA256
  
  6086ae98113595799f520550226a7aa68d7d22df3cbd69d2c304e3ef84cbdbae
- SHA512
  
  d573fd5029564bbd75044ea82a324780da47fd18410cf570568872d83001c9c3ddf7e22b5a86eb0f2b251fa94c2a83f76f60d0e01e5535607409cfa008d9a730
- SSDEEP
  
  3072:4Cao5s1x1Pkl0xPTM7mRCAdJSSxPUkl3VyFNdQMQTCk/dN92sdNhavtrVdewnAx5:4qal8l0xPTMiR9JSSxPUKYGdodH6
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2