General
Target: c397d163911535ae8219935711303880_NeikiAnalytics
Size: 6.2MB
Sample: 240515-l9e6cscg43
MD5: c397d163911535ae8219935711303880
SHA1: 4e146988c5b5e9848e9b79ff953e58729cbbf457
SHA256: adc468af1c3a6482e98d4d8c1d069c3d6687546da62a71604895a839ec30044c
SHA512: 2016ba69110cb146dd7ab8314334446375d8dbab9a6ecebc581d99365f139897fb02202701957f40fde2bbd9e003d8d42684ff5affa99320b39b262645ab30d5
SSDEEP: 196608:91O+f8n+rEw3ZdoYMBBu6HEJl935Ng7CazhGQ94oOn:3Oo8nY3jMBY6HEF35NIxMko
Static task: static1
Behavioral task: behavioral1
Sample: c397d163911535ae8219935711303880_NeikiAnalytics.exe
Resource: win7-20240508-en
Malware Config
Targets
-
Blocklisted process makes network request
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Drops desktop.ini file(s)
-
Drops file in System32 directory
-