General
-
Target
ec7dd24fb0f4c4415295cd9cee97c850_NeikiAnalytics.exe
-
Size
777KB
-
Sample
240517-prh13shc9z
-
MD5
ec7dd24fb0f4c4415295cd9cee97c850
-
SHA1
c88b0df68e14048c36f4686eb166754bb1d13036
-
SHA256
fc97497a79f9ff3b5591c93d67fb91833a46b31048d9ee7bab92ba1681217e50
-
SHA512
986fd73e2fe17ef1244b249911a2c10c676c1a45a682c7f40a597b200e9ea52643f85d2a64c8cdb10fdcab35fabd2924cdd936caf9f95589a9d0909c14058bc5
-
SSDEEP
12288:dXCNi9BQmd9nT6WgGS0pNsWg5XNQ2bpBCZtl9nY1yye49+s8DXDr/fV7uOUx41C:oWQuppaWg5XiZQjo5xzg4c
Malware Config
Targets
-
-
Target
ec7dd24fb0f4c4415295cd9cee97c850_NeikiAnalytics.exe
-
Size
777KB
-
MD5
ec7dd24fb0f4c4415295cd9cee97c850
-
SHA1
c88b0df68e14048c36f4686eb166754bb1d13036
-
SHA256
fc97497a79f9ff3b5591c93d67fb91833a46b31048d9ee7bab92ba1681217e50
-
SHA512
986fd73e2fe17ef1244b249911a2c10c676c1a45a682c7f40a597b200e9ea52643f85d2a64c8cdb10fdcab35fabd2924cdd936caf9f95589a9d0909c14058bc5
-
SSDEEP
12288:dXCNi9BQmd9nT6WgGS0pNsWg5XNQ2bpBCZtl9nY1yye49+s8DXDr/fV7uOUx41C:oWQuppaWg5XiZQjo5xzg4c
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-