General
-
Target
1d06cc93cb0dde13c72500003b1435a0_NeikiAnalytics
-
Size
119KB
-
Sample
240509-m9fbssec9x
-
MD5
1d06cc93cb0dde13c72500003b1435a0
-
SHA1
e3653d9b4f96a76a7839ff0e1acf4bad66485cab
-
SHA256
cb50a18f1b43ef640da4109a3f2fc896cec872ff6a7459b55264629bd69f37f6
-
SHA512
fd38280237a72755fbc0c79af3c0a69b2b76d893126e86afbe24aec48cca3b7dfed620d7d5d815d8e97757d22cc969d04feda4f6723239e1f3507da49ea39f36
-
SSDEEP
3072:vOjWuyt0ZsqsXOKofHfHTXQLzgvnzHPowYbvrjD/L7QPbg/Dr0T3rnXLHf7zjPPh:vIs9OKofHfHTXQLzgvnzHPowYbvrjD/E
Malware Config
Targets
-
-
Target
1d06cc93cb0dde13c72500003b1435a0_NeikiAnalytics
-
Size
119KB
-
MD5
1d06cc93cb0dde13c72500003b1435a0
-
SHA1
e3653d9b4f96a76a7839ff0e1acf4bad66485cab
-
SHA256
cb50a18f1b43ef640da4109a3f2fc896cec872ff6a7459b55264629bd69f37f6
-
SHA512
fd38280237a72755fbc0c79af3c0a69b2b76d893126e86afbe24aec48cca3b7dfed620d7d5d815d8e97757d22cc969d04feda4f6723239e1f3507da49ea39f36
-
SSDEEP
3072:vOjWuyt0ZsqsXOKofHfHTXQLzgvnzHPowYbvrjD/L7QPbg/Dr0T3rnXLHf7zjPPh:vIs9OKofHfHTXQLzgvnzHPowYbvrjD/E
Score8/10-
Drops file in Drivers directory
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Drops file in System32 directory
-