General
-
Target
e2b858b0b40d3d998778e17d00787b10_NeikiAnalytics.exe
-
Size
431KB
-
Sample
240519-stj8psch8s
-
MD5
e2b858b0b40d3d998778e17d00787b10
-
SHA1
22850999a548a5982a2c145ae74c1a0dc3e42a87
-
SHA256
9db9ff622a13ce2f91f10aaf7ea77bacb045a2350ef93382766166270f3c813a
-
SHA512
71323ac9b182eb077eee63586ab70fa5ffd12f6397adbdde983c95d00477d3fb2f2e952281fcec7f901a876cce50477189f886a45bb5dc8839292f835c63a520
-
SSDEEP
6144:cT5J63Fm3b7yOE7Hvpu5CaGi4mUf95TtC4uP2scqAH:c4Fm3b7yOAHNar4mUf9lJ82scqAH
Behavioral task
behavioral1
Sample
e2b858b0b40d3d998778e17d00787b10_NeikiAnalytics.exe
Resource
win7-20240221-en
Malware Config
Targets
-
Target
e2b858b0b40d3d998778e17d00787b10_NeikiAnalytics.exe
-
Detect Blackmoon payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-