General
-
Target
e5bfc858958d395224e140aaa85b6080_NEIKI
-
Size
65KB
-
Sample
240508-shl8xsac5s
-
MD5
e5bfc858958d395224e140aaa85b6080
-
SHA1
41de7b5e0d24a50540420341e83c0f0183fa873d
-
SHA256
887376c474c6891d6374982e7f50779ff4bf4e0b6f739e16870cbcff78f9611f
-
SHA512
c099a9924328508ca8267fe38874bfc13377586aa2be827d878dbe1eeb0c0f579b28a3257684e4f872d6817117210c747501658541986ed5bb96e6e36eb735c2
-
SSDEEP
768:ZrItKyw5WHXfQIhIiIk9ecAaVPD96KyX60:Zr3Z5IfQIR81ad5yX60
Malware Config
Targets
-
-
Target
e5bfc858958d395224e140aaa85b6080_NEIKI
-
Size
65KB
-
MD5
e5bfc858958d395224e140aaa85b6080
-
SHA1
41de7b5e0d24a50540420341e83c0f0183fa873d
-
SHA256
887376c474c6891d6374982e7f50779ff4bf4e0b6f739e16870cbcff78f9611f
-
SHA512
c099a9924328508ca8267fe38874bfc13377586aa2be827d878dbe1eeb0c0f579b28a3257684e4f872d6817117210c747501658541986ed5bb96e6e36eb735c2
-
SSDEEP
768:ZrItKyw5WHXfQIhIiIk9ecAaVPD96KyX60:Zr3Z5IfQIR81ad5yX60
Score8/10-
Sets file to hidden
Modifies file attributes to stop it showing in Explorer etc.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-