General
-
Target
43ce2c26309f1f092297a30f1173b770_NeikiAnalytics
-
Size
41KB
-
Sample
240515-15twaafa44
-
MD5
43ce2c26309f1f092297a30f1173b770
-
SHA1
83d4f7fb996b569556a93fa3f1383f564c1138e5
-
SHA256
c6e677eb3318efd6ae2873cfb29570b512e9d406fbe92c1314ac3f686b6184cf
-
SHA512
3bada9071226f8b59ea41df7cc8f2332a60c53c498a31b2abd51358a3e88bbb435f9fa7a8bc8d60ae312823b0f838c5765fc75053cf13dedfa9374df9a9ea1aa
-
SSDEEP
768:eeMc5VwWt1jDkbXdnTOyQxHFO+IxX2P5LIbbcPYir2lAqcdF0i09Cy:eq5VwWDjDkdTRqHFOn8tIbbeYiuZIFSz
Malware Config
Targets
-
-
Target
43ce2c26309f1f092297a30f1173b770_NeikiAnalytics
-
Size
41KB
-
MD5
43ce2c26309f1f092297a30f1173b770
-
SHA1
83d4f7fb996b569556a93fa3f1383f564c1138e5
-
SHA256
c6e677eb3318efd6ae2873cfb29570b512e9d406fbe92c1314ac3f686b6184cf
-
SHA512
3bada9071226f8b59ea41df7cc8f2332a60c53c498a31b2abd51358a3e88bbb435f9fa7a8bc8d60ae312823b0f838c5765fc75053cf13dedfa9374df9a9ea1aa
-
SSDEEP
768:eeMc5VwWt1jDkbXdnTOyQxHFO+IxX2P5LIbbcPYir2lAqcdF0i09Cy:eq5VwWDjDkdTRqHFOn8tIbbeYiuZIFSz
Score8/10-
Drops file in Drivers directory
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Drops file in System32 directory
-