General
-
Target
c37261f96525ec6288a5f14c0b140150_NeikiAnalytics
-
Size
1.3MB
-
Sample
240514-mtfmmacg77
-
MD5
c37261f96525ec6288a5f14c0b140150
-
SHA1
d4ff40e98a3d238b92b813fdd20d6cf54e5eed38
-
SHA256
8c0845507ff8e9d046e0242d34f7fa40c1bd59ad193497bcdefad4a19784b9f2
-
SHA512
49ce7b45b5588a2813e3417a2acbb2fc8c2a33b7861e7b135e739750548a9ad9d1defc659033649a0af72e1ecd0718a7a11b633cd387846f21dbfa3e14fbc6f0
-
SSDEEP
24576:Vimd6KRPWmbhIa6teXg8+ggcTAK8OKHa4RgX87jfwezx71cEl12LTQ:ImcK5WDazgJbKqHF2X87jdzxGXQ
Behavioral task
behavioral1
Sample
c37261f96525ec6288a5f14c0b140150_NeikiAnalytics.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
c37261f96525ec6288a5f14c0b140150_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
Target
c37261f96525ec6288a5f14c0b140150_NeikiAnalytics
-
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-