General
-
Target
94cc956b61b54200193c58042928d100_NEIKI
-
Size
1.2MB
-
Sample
240508-byzqhsbe2v
-
MD5
94cc956b61b54200193c58042928d100
-
SHA1
8321535d6653108073dd39e9cd42959831d22ca7
-
SHA256
1e22a77306c7a04515f0447641db29afbe5e39b2afda935a6fb5d6bf769ebda7
-
SHA512
9e1b7903569ef38c41ded6c53d2a1facd9afe66f0f1613400542b1580f2446dfd021411f1b8743c7a9783b2bca99c0c40be86562453a1507478912f331167a91
-
SSDEEP
24576:fXTff2BiQQnHfRmcZbUsP3ERibzVNdaWlW7:fXzfSGn/RssP3ERibzLdnlW7
Static task
static1
Behavioral task
behavioral1
Sample
94cc956b61b54200193c58042928d100_NEIKI.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
94cc956b61b54200193c58042928d100_NEIKI.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
94cc956b61b54200193c58042928d100_NEIKI
-
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-