General
Target: 0b5cedd9753a27d3937cd3ce5e0cb8e0_NeikiAnalytics
Size: 609KB
Sample: 240514-w4t3faaf84
MD5: 0b5cedd9753a27d3937cd3ce5e0cb8e0
SHA1: 6c6f74ba13fdcd487629a8adabb0bb788f1630b3
SHA256: f6e25a0e39f66482d1a069f7f71fefe6e1506a9706e8468ea947b14d30388350
SHA512: 71c3fe513e5133998bdb0ffb586dd731b16db91a4c6032ff94152ea1e97677af2e4e6573f23730ab48a41894e2fde106d04fbdbc065bf6160944b5f23f3ddf03
SSDEEP: 12288:KZ543M5v7Kc3ygT2lXVCllX8peI7cQitqUmyq+1pmhK:SUiL3yjXUlu0I7vitqUmyq+1paK
Behavioral task: behavioral1
Sample: 0b5cedd9753a27d3937cd3ce5e0cb8e0_NeikiAnalytics.exe
Resource: win7-20240221-en
Malware Config
Targets
Target: 0b5cedd9753a27d3937cd3ce5e0cb8e0_NeikiAnalytics
Executes dropped EXE
Loads dropped DLL
Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.
Uses Tor communications: Malware can proxy its traffic through Tor for more anonymity.