General
-
Target
a79c5607fe4153e3aa29fcb762eb3430_NEIKI
-
Size
532KB
-
Sample
240508-cxbgzadh6x
-
MD5
a79c5607fe4153e3aa29fcb762eb3430
-
SHA1
04b687f377c47ea481d931bf59710519134e3046
-
SHA256
a9bb96a4e05332a158bbb84916dad9be9b568eff94d577058878f870fbcceab4
-
SHA512
561865e256c042eedd55923c699ef32a8bdbd2e4d3b2c524813f293139211ed18c10affeb1ef3a734007f4e5a47bba400f663071e0b395c756eb8f48aaac1dfa
-
SSDEEP
12288:OG5knZfFKez38fkSuY+GfR/9n8bwRK1MYXyW2t5oKSPnKYWAv:OG50ZfFKM3MRucR/986UnXyCKSPn/WAv
Malware Config
Targets
-
-
Target
a79c5607fe4153e3aa29fcb762eb3430_NEIKI
-
Size
532KB
-
MD5
a79c5607fe4153e3aa29fcb762eb3430
-
SHA1
04b687f377c47ea481d931bf59710519134e3046
-
SHA256
a9bb96a4e05332a158bbb84916dad9be9b568eff94d577058878f870fbcceab4
-
SHA512
561865e256c042eedd55923c699ef32a8bdbd2e4d3b2c524813f293139211ed18c10affeb1ef3a734007f4e5a47bba400f663071e0b395c756eb8f48aaac1dfa
-
SSDEEP
12288:OG5knZfFKez38fkSuY+GfR/9n8bwRK1MYXyW2t5oKSPnKYWAv:OG50ZfFKM3MRucR/986UnXyCKSPn/WAv
Score7/10-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops file in System32 directory
-