General
-
Target
c74be0fe1e562ce1d537a07b43361230_NeikiAnalytics
-
Size
478KB
-
Sample
240514-p47j7sgd75
-
MD5
c74be0fe1e562ce1d537a07b43361230
-
SHA1
737f614b90cbfe6a162350760e1b8f83e9f35d6a
-
SHA256
350b16825fc8198d0352f1b1886c59dc2ede39d98d73e260e5e832cb799a117d
-
SHA512
559de8cb52e64120095489ef2e5decf20946886d90270694a9e5cda1f3df88d9dbe826096191134096226f961d58d8fce2359aa0e8f6db2a9ec28bcb87d74ac5
-
SSDEEP
6144:PF948oDfbu15JF7KPUqQanHAwXPICuOoCyk7v+Y3gmpZ9tFSvlPJo+vc827bwkxS:99YfUaj9oTx2aC9OPJn3maJ8Ib
Malware Config
Targets
-
-
Target
c74be0fe1e562ce1d537a07b43361230_NeikiAnalytics
-
Size
478KB
-
MD5
c74be0fe1e562ce1d537a07b43361230
-
SHA1
737f614b90cbfe6a162350760e1b8f83e9f35d6a
-
SHA256
350b16825fc8198d0352f1b1886c59dc2ede39d98d73e260e5e832cb799a117d
-
SHA512
559de8cb52e64120095489ef2e5decf20946886d90270694a9e5cda1f3df88d9dbe826096191134096226f961d58d8fce2359aa0e8f6db2a9ec28bcb87d74ac5
-
SSDEEP
6144:PF948oDfbu15JF7KPUqQanHAwXPICuOoCyk7v+Y3gmpZ9tFSvlPJo+vc827bwkxS:99YfUaj9oTx2aC9OPJn3maJ8Ib
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-