General
-
Target
4f5f44468e67b7a7beb26ca48afe43e0_NeikiAnalytics.exe
-
Size
36KB
-
Sample
240522-2nzwmsbg71
-
MD5
4f5f44468e67b7a7beb26ca48afe43e0
-
SHA1
92698a420bfbefc3fd6de58e29a7bc055c85a939
-
SHA256
2a53717272c2133a69ee90bbf084d1b3acbdd5d88bd108a75f7bc9cb65f95f51
-
SHA512
9dcb92676d559e97162542ed6c2f5def54fa29fe37684ac6943d4fbcd6c0fb31b2e323d2a5c7794353e0ae9eebb6dd4cb35a6ae4b712db01d34250e694dafa29
-
SSDEEP
768:9qSqC8+N5ozQQqncwxWmNXMX3cX8wtgg/X/zCtgcgCEX8u/vSXrXrXrXrXrXyu1S:9rqfzQQqamN88Fr277777RQ
Static task
static1
Behavioral task
behavioral1
Sample
4f5f44468e67b7a7beb26ca48afe43e0_NeikiAnalytics.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
4f5f44468e67b7a7beb26ca48afe43e0_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
Protocol: ftp
Host: ftp.tripod.com
Port: 21
Username: onthelinux
Password: 741852abc
Targets
-
-
Target
4f5f44468e67b7a7beb26ca48afe43e0_NeikiAnalytics.exe
-
Score
10/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-