2752dba57bec3dea41c44e52e1f8c1e0a389c54bfc8e3db4eb15483ce9f50de9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2752dba57bec3dea41c44e52e1f8c1e0a389c54bfc8e3db4eb15483ce9f50de9_NeikiAnalytics.exe
Size

4.9MB
Sample

240701-awglgs1ajd
MD5

e97188fffa787f6e053eb2f4ccf94190
SHA1

e6acdcc96e10450c356c8eef70cbb31aed8a7105
SHA256

2752dba57bec3dea41c44e52e1f8c1e0a389c54bfc8e3db4eb15483ce9f50de9
SHA512

918230ef4b9cc57c03cce707909995b22e47901678312c2d6adde7432098e106cb09b22bfa6701e4c5b0c919b0a144350dc3562d238f79afc3d0df7f254028ad
SSDEEP

98304:Ll+WJMZHmsCAMKn+MjNtI9pE/1ErSy/Q:LljMAyBjypEO/Q

Score

7^/10

evasion trojan

Malware Config

Targets

- Target
  
  2752dba57bec3dea41c44e52e1f8c1e0a389c54bfc8e3db4eb15483ce9f50de9_NeikiAnalytics.exe
- Size
  
  4.9MB
- MD5
  
  e97188fffa787f6e053eb2f4ccf94190
- SHA1
  
  e6acdcc96e10450c356c8eef70cbb31aed8a7105
- SHA256
  
  2752dba57bec3dea41c44e52e1f8c1e0a389c54bfc8e3db4eb15483ce9f50de9
- SHA512
  
  918230ef4b9cc57c03cce707909995b22e47901678312c2d6adde7432098e106cb09b22bfa6701e4c5b0c919b0a144350dc3562d238f79afc3d0df7f254028ad
- SSDEEP
  
  98304:Ll+WJMZHmsCAMKn+MjNtI9pE/1ErSy/Q:LljMAyBjypEO/Q
Score

7^/10

evasion trojan
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2