51941075d2da6a5ae6a130e72948cd086f5b72efc39df0a573469534d78a7e37 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

51941075d2da6a5ae6a130e72948cd086f5b72efc39df0a573469534d78a7e37_NeikiAnalytics.exe
Size

20KB
Sample

240701-pfnr7a1dld
MD5

1288728fa4fe444f68996858f69a1510
SHA1

7372421e6ca22d1271cbee9b4c7d809104684340
SHA256

51941075d2da6a5ae6a130e72948cd086f5b72efc39df0a573469534d78a7e37
SHA512

aa1b79fc59b2efc7dfc61087b533d74c31df4f4d02231328a8e50a5fa2e9fe82db17e6ce1a55caea779102cad7b50f58555df46a1ee7ce13548555bc3f48e719
SSDEEP

192:RmHMqjoQewsETX0o1byouOlOx/+1qAGgYpVAdDWLkqQdAat:ReMigwsEo6Ze+N5Ypy6QdR

Score

7^/10

Malware Config

Targets

- Target
  
  51941075d2da6a5ae6a130e72948cd086f5b72efc39df0a573469534d78a7e37_NeikiAnalytics.exe
- Size
  
  20KB
- MD5
  
  1288728fa4fe444f68996858f69a1510
- SHA1
  
  7372421e6ca22d1271cbee9b4c7d809104684340
- SHA256
  
  51941075d2da6a5ae6a130e72948cd086f5b72efc39df0a573469534d78a7e37
- SHA512
  
  aa1b79fc59b2efc7dfc61087b533d74c31df4f4d02231328a8e50a5fa2e9fe82db17e6ce1a55caea779102cad7b50f58555df46a1ee7ce13548555bc3f48e719
- SSDEEP
  
  192:RmHMqjoQewsETX0o1byouOlOx/+1qAGgYpVAdDWLkqQdAat:ReMigwsEo6Ze+N5Ypy6QdR
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2