General
-
Target
41c354f1ced98b4a8b39cb0af6482550_NeikiAnalytics.exe
-
Size
355KB
-
Sample
240522-1f7qvahf5v
-
MD5
41c354f1ced98b4a8b39cb0af6482550
-
SHA1
b1c731090a1467ad288c30c7af3182aea7fff832
-
SHA256
e6558cbd6922a293e91c0b292ef58494affd161a1e8c61d220fd8d2554505668
-
SHA512
231778cb6de65cbe23f83879d1b218699584d134ca8c7d40035fbf3bc3a764d0ad0d1d7ae17ca10fb5d3d9939f3047457fec50f78dd5fb1b3d7c76de4481415b
-
SSDEEP
6144:/qvk3Q5ibjnNuuXckaL7pbRBkce97aw/N4L7oi:/qvMQ5ibjnwka3pbRC19Gw/Nsoi
Behavioral task
behavioral1
Sample
41c354f1ced98b4a8b39cb0af6482550_NeikiAnalytics.exe
Resource
win7-20240221-en
Malware Config
Targets
-
Target
41c354f1ced98b4a8b39cb0af6482550_NeikiAnalytics.exe
-
Detect Blackmoon payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-