General
-
Target
d46e2f5007e8af971c34a17bafe544d0_NeikiAnalytics
-
Size
829KB
-
Sample
240516-lfjaxsee59
-
MD5
d46e2f5007e8af971c34a17bafe544d0
-
SHA1
3fa71c422597d24af29bf942bc3e7dfba404f6dd
-
SHA256
eaa9a6674a2c49762574bd10294cfe737e37c7793f4c88d0ba3700db73e15b55
-
SHA512
03d1e1ec5cff82c2fe61732d08f98d5bb8c263c081008be1ecc1bd8d359787460762773034906a52e933daf25e0ac07f9a82a1f9721e2e824e354e90100e35ef
-
SSDEEP
12288:lCFCcYc/Cg2QGAtikngWn3IgPZA9H7id2naI+:l9cYc/IOikngWnYnH7id2ng
Behavioral task
behavioral1
Sample
d46e2f5007e8af971c34a17bafe544d0_NeikiAnalytics.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
d46e2f5007e8af971c34a17bafe544d0_NeikiAnalytics.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
d46e2f5007e8af971c34a17bafe544d0_NeikiAnalytics
-
Size
829KB
-
MD5
d46e2f5007e8af971c34a17bafe544d0
-
SHA1
3fa71c422597d24af29bf942bc3e7dfba404f6dd
-
SHA256
eaa9a6674a2c49762574bd10294cfe737e37c7793f4c88d0ba3700db73e15b55
-
SHA512
03d1e1ec5cff82c2fe61732d08f98d5bb8c263c081008be1ecc1bd8d359787460762773034906a52e933daf25e0ac07f9a82a1f9721e2e824e354e90100e35ef
-
SSDEEP
12288:lCFCcYc/Cg2QGAtikngWn3IgPZA9H7id2naI+:l9cYc/IOikngWnYnH7id2ng
Score10/10-
DcRat
DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-