231fbcfc2c520133e71fd3b34b306330f83e74c0d7a70648a7df0cb7b112c82e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

231fbcfc2c520133e71fd3b34b306330f83e74c0d7a70648a7df0cb7b112c82e_NeikiAnalytics.exe
Size

38KB
Sample

240630-3h2cyssdpj
MD5

041c7f004e6641ad52d1e4606abb03b0
SHA1

d18bf6f9261736bdd1013facfd8bcc81d4e7974b
SHA256

231fbcfc2c520133e71fd3b34b306330f83e74c0d7a70648a7df0cb7b112c82e
SHA512

9c9c2dd91e51c469056430248c5d972f1e6d9d51956e5bcf4a6832a35a0c0dead32348b585f6e6ef6392d8e2b4716a80c866bd014fc02ba02e224df55ea84c8f
SSDEEP

768:Kf1K2exg2kBwtdgI2MyzNORQtOflIwoHNV2XBFV72BOlA7ZsBGGp/YIm7wm0UpaU:o1KhxqwtdgI2MyzNORQtOflIwoHNV2XY

Score

7^/10

Malware Config

Targets

- Target
  
  231fbcfc2c520133e71fd3b34b306330f83e74c0d7a70648a7df0cb7b112c82e_NeikiAnalytics.exe
- Size
  
  38KB
- MD5
  
  041c7f004e6641ad52d1e4606abb03b0
- SHA1
  
  d18bf6f9261736bdd1013facfd8bcc81d4e7974b
- SHA256
  
  231fbcfc2c520133e71fd3b34b306330f83e74c0d7a70648a7df0cb7b112c82e
- SHA512
  
  9c9c2dd91e51c469056430248c5d972f1e6d9d51956e5bcf4a6832a35a0c0dead32348b585f6e6ef6392d8e2b4716a80c866bd014fc02ba02e224df55ea84c8f
- SSDEEP
  
  768:Kf1K2exg2kBwtdgI2MyzNORQtOflIwoHNV2XBFV72BOlA7ZsBGGp/YIm7wm0UpaU:o1KhxqwtdgI2MyzNORQtOflIwoHNV2XY
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2