General
-
Target
151f375ff9e4bf7466b3864da475ef80_NeikiAnalytics.exe
-
Size
120KB
-
Sample
240522-dlyc2aad8w
-
MD5
151f375ff9e4bf7466b3864da475ef80
-
SHA1
a4645b0829b85a2e354f102705643e94af6f6916
-
SHA256
fc376fae34b736c21b406da588ea38ea4410f8ed7ed2e57c73c0579f61f6e24e
-
SHA512
0ec8582cac1bf7ce36d79ddbb600c90fdd150dbd64894484345e1030bb4d6801d941c4f694e12701dc61bb89cc009a8140c5a20209d34066ff35f93f40d346ca
-
SSDEEP
3072:yOjWuyt0ZsqsXOKofHfHTXQLzgvnzHPowYbvrjD/L7QPbg/Dr0T3rnXLHf7zjPPh:yIs9OKofHfHTXQLzgvnzHPowYbvrjD/E
Static task
static1
Behavioral task
behavioral1
Sample
151f375ff9e4bf7466b3864da475ef80_NeikiAnalytics.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
151f375ff9e4bf7466b3864da475ef80_NeikiAnalytics.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
Target
151f375ff9e4bf7466b3864da475ef80_NeikiAnalytics.exe
-
Score
7/10
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Drops file in System32 directory
-