General
-
Target
8d0f05fd829c6d1a7e4236362737e030_NEIKI
-
Size
421KB
-
Sample
240508-bmkgfsdc35
-
MD5
8d0f05fd829c6d1a7e4236362737e030
-
SHA1
b99f4d0320eff5be2662553d3f3df18b4c213b18
-
SHA256
020cfef97b7b4b24cecf379a5ab5c6c3b07c2d3a56041e6264fe55e78f217c60
-
SHA512
1b0761061c25f93387eb97473bfc4832069935e30f4946c00795fdc9073e0daca8349f66070e717c7b073323382f85add8f4a0e82048a94e84ab58aff50244cc
-
SSDEEP
6144:VjluQoSv4DSIo5R4nM/40yQcQv9k2qhlyChLDC0HaJsyUtrXtVvrzquHtkHCsW69:VEQoSfqIcQVoyChfvH3yIr/vrzquzrM
Malware Config
Targets
-
-
Target
8d0f05fd829c6d1a7e4236362737e030_NEIKI
-
Size
421KB
-
MD5
8d0f05fd829c6d1a7e4236362737e030
-
SHA1
b99f4d0320eff5be2662553d3f3df18b4c213b18
-
SHA256
020cfef97b7b4b24cecf379a5ab5c6c3b07c2d3a56041e6264fe55e78f217c60
-
SHA512
1b0761061c25f93387eb97473bfc4832069935e30f4946c00795fdc9073e0daca8349f66070e717c7b073323382f85add8f4a0e82048a94e84ab58aff50244cc
-
SSDEEP
6144:VjluQoSv4DSIo5R4nM/40yQcQv9k2qhlyChLDC0HaJsyUtrXtVvrzquHtkHCsW69:VEQoSfqIcQVoyChfvH3yIr/vrzquzrM
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-