509d936c9423a5ae18a42dd8e51426f3bde1287537f376385274c989d5ed8686 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

509d936c9423a5ae18a42dd8e51426f3bde1287537f376385274c989d5ed8686_NeikiAnalytics.exe
Size

24KB
Sample

240701-n7atzatepk
MD5

a12fa64b68afa5cc9c15427dbb3ce8c0
SHA1

7239eff02d0b2e64a6c010e5e40a07810f325aea
SHA256

509d936c9423a5ae18a42dd8e51426f3bde1287537f376385274c989d5ed8686
SHA512

ea834509cd2a3560d3c841301511cb93ac5f9d2b19e40eb66d91fd405e21a4762474a639aa06ad00e4368194f5600961e4c2396948683b4bff47ba82a179c0e1
SSDEEP

384:PMJD+1/AMX2U6P9lkyAP9Ep6jtmi/pEojSjOnj+:oD+FhXN6jRMtlRE9jOi

Score

7^/10

Malware Config

Targets

- Target
  
  509d936c9423a5ae18a42dd8e51426f3bde1287537f376385274c989d5ed8686_NeikiAnalytics.exe
- Size
  
  24KB
- MD5
  
  a12fa64b68afa5cc9c15427dbb3ce8c0
- SHA1
  
  7239eff02d0b2e64a6c010e5e40a07810f325aea
- SHA256
  
  509d936c9423a5ae18a42dd8e51426f3bde1287537f376385274c989d5ed8686
- SHA512
  
  ea834509cd2a3560d3c841301511cb93ac5f9d2b19e40eb66d91fd405e21a4762474a639aa06ad00e4368194f5600961e4c2396948683b4bff47ba82a179c0e1
- SSDEEP
  
  384:PMJD+1/AMX2U6P9lkyAP9Ep6jtmi/pEojSjOnj+:oD+FhXN6jRMtlRE9jOi
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2