General
-
Target
ebc3136093779e97d8d244e0152469b0_NeikiAnalytics.exe
-
Size
1.4MB
-
Sample
240517-pbd27age2t
-
MD5
ebc3136093779e97d8d244e0152469b0
-
SHA1
9f6ef0573de857401065672ef2259edea89cc590
-
SHA256
4a0bafaf5e0a81641fd0d23a6929dfde792360bb85fa105cbf72540a1081a1a6
-
SHA512
6f71e067fb41f115227089c7d7ca9133b78f1641151063b576e7508035f63b5a59e5fa2f0b552e3571b4899cc0811ef27f03d7738905a3cc477ac09e0a708877
-
SSDEEP
24576:YipKzcVkyEq9DRho1jFP8ltPP01Ws7+wFPEl9ix4fpUzoQDt+egElxdqFWVCGC8b:HKzcCyEq9DRho/ctH01Ws74rA4RUBDHB
Static task
static1
Behavioral task
behavioral1
Sample
ebc3136093779e97d8d244e0152469b0_NeikiAnalytics.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
ebc3136093779e97d8d244e0152469b0_NeikiAnalytics.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
ebc3136093779e97d8d244e0152469b0_NeikiAnalytics.exe
-
Score
8/10
-
Modifies Installed Components in the registry
-
Sets file execution options in registry
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Registers COM server for autorun
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-