General
-
Target
e69207d7291a763419f128afbf0130c0_NeikiAnalytics
-
Size
1.1MB
-
Sample
240516-vvhsdafb5z
-
MD5
e69207d7291a763419f128afbf0130c0
-
SHA1
1ca9f8fed86f349ca714feb461520989fad03383
-
SHA256
88f88afe49b7f2bcab43710b5b2979d7515c1e780a79f8bbe8dfbe11f5f5e3d5
-
SHA512
af01ebf537f259f73c662f69d6a4913ddbcce0fe5ba0490571518b209d839fe3ab56721f5f123b1f44543dc8e3da503555507b00c8b9792e49153747a6144fca
-
SSDEEP
12288:H51TfuZQuDV5U21ZJiRh9Te6s9G8R65x/IEpIbGkde4tezs3qKpeyDyDkPwEJjm3:H/uuSVG21ZJij/8RMx7juPDy4YhJnF
Malware Config
Targets
-
-
Target
e69207d7291a763419f128afbf0130c0_NeikiAnalytics
-
Size
1.1MB
-
MD5
e69207d7291a763419f128afbf0130c0
-
SHA1
1ca9f8fed86f349ca714feb461520989fad03383
-
SHA256
88f88afe49b7f2bcab43710b5b2979d7515c1e780a79f8bbe8dfbe11f5f5e3d5
-
SHA512
af01ebf537f259f73c662f69d6a4913ddbcce0fe5ba0490571518b209d839fe3ab56721f5f123b1f44543dc8e3da503555507b00c8b9792e49153747a6144fca
-
SSDEEP
12288:H51TfuZQuDV5U21ZJiRh9Te6s9G8R65x/IEpIbGkde4tezs3qKpeyDyDkPwEJjm3:H/uuSVG21ZJij/8RMx7juPDy4YhJnF
Score8/10-
Sets service image path in registry
-
Executes dropped EXE
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Drops file in System32 directory
-