General
Target: 2d04be6d0b684c9c116f9f72696c15e91240ea4cded41ad6a72da6e29c35b283_NeikiAnalytics
Size: 89KB
Sample: 240521-lh1mzsge5w
MD5: 28d9183f17f18655ad1b77eaf006ac50
SHA1: cbcb9be8ae343f977c56f94a84e00c9b0c0e2aeb
SHA256: 2d04be6d0b684c9c116f9f72696c15e91240ea4cded41ad6a72da6e29c35b283
SHA512: 4bab4b79095f2542f369c28a28ba2aade894e4740767459fd2b7749ded439e970591f14282ead29d5a533925c6b9deb3db492af2458b413d328ba049dea0b32e
SSDEEP: 1536:5+4hkM3Yz8wMZhUD2XsjEQWOSkE+Ct6WKBex3GWU5FkWp+AmQwKGSZhCQbIo/tSP:dq6OLM3QasY5Ft71fqWWp+efG4hCQrq

Behavioral task: behavioral1
Sample: 2d04be6d0b684c9c116f9f72696c15e91240ea4cded41ad6a72da6e29c35b283_NeikiAnalytics.exe
Resource: win7-20240220-en
Malware Config
Targets
- Detect Blackmoon payload
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL