General
Target: 179a3747b82b58a9c3589974e145adf0_NeikiAnalytics.exe
Size: 440KB
Sample: 240519-xaldwaca37
MD5: 179a3747b82b58a9c3589974e145adf0
SHA1: 80af51f31d6492945a846bd19f773005717f5c2c
SHA256: d67dd66d7f97cca8e9091c6f59e8bc9b4973d73df1f5fdc13fd7e68211679d32
SHA512: 09aff14d940db5c491bba80e46f93ba2251505c092eb8b915f6da1b0b7d81b39a81041cfbe8e5685bf500460f15ebbbd777864f84869d6242b17b1ced4721fe2
SSDEEP: 6144:xozXQKqfmiiyWwuiFOLeyOV0R7YRXxMSaAt:xgXQKSLpOCtV0R8xMSaAt
Behavioral task: behavioral1
Sample: 179a3747b82b58a9c3589974e145adf0_NeikiAnalytics.exe
Resource: win7-20240221-en
Malware Config
Targets
-
-
Target
179a3747b82b58a9c3589974e145adf0_NeikiAnalytics.exe
-
Detect Blackmoon payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-