General
-
Target
e6e54fa9a28be41083f2277d7cf856c0_NeikiAnalytics.exe
-
Size
12KB
-
Sample
240520-mcswmafg6t
-
MD5
e6e54fa9a28be41083f2277d7cf856c0
-
SHA1
24e29e60cef1c99a33b0254f1cb7e31458c2f21a
-
SHA256
d7627fb96d0a8e1f0675a3234f4594293fd87a64e045efc4013a9b3133430bbd
-
SHA512
550b8b5ee73160b19911b2c01753de530f42ac0f4b4be667d571a86005c80afea152815b1d454af44cbacc5c141c6161888928268a70b3a35ec05911be5abb14
-
SSDEEP
384:LL7li/2zSq2DcEQvdQcJKLTp/NK9xaWM:fSMCQ9cWM
Malware Config
Targets
-
-
Target
e6e54fa9a28be41083f2277d7cf856c0_NeikiAnalytics.exe
-
Size
12KB
-
MD5
e6e54fa9a28be41083f2277d7cf856c0
-
SHA1
24e29e60cef1c99a33b0254f1cb7e31458c2f21a
-
SHA256
d7627fb96d0a8e1f0675a3234f4594293fd87a64e045efc4013a9b3133430bbd
-
SHA512
550b8b5ee73160b19911b2c01753de530f42ac0f4b4be667d571a86005c80afea152815b1d454af44cbacc5c141c6161888928268a70b3a35ec05911be5abb14
-
SSDEEP
384:LL7li/2zSq2DcEQvdQcJKLTp/NK9xaWM:fSMCQ9cWM
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-