General
Target: 28b1d5a2a630ee3aadc78576c4c06010_NeikiAnalytics.exe
Size: 357KB
Sample: 240522-plwpzsbb4s
MD5: 28b1d5a2a630ee3aadc78576c4c06010
SHA1: 76bf2bc0e5ecbd81d9bdda78df2420701bcf039c
SHA256: 84f9ab5a8e810fd027e7fe0d2e4004444b316a51d6f15951c5d17f0970068748
SHA512: b7a0f0fd547948e8228e99a6910c9f8b75f9b5e3913de19741ddcb5892e3fa0a6f141965c251deb8d0a6de50d1fba27154a023deafe8c361d0e795a7b10bd825
SSDEEP: 6144:mvk3Q5ibjnNuuXckaL7pbRBkce97aw/N4L7om:mvMQ5ibjnwka3pbRC19Gw/Nsom
Behavioral task
behavioral1
Sample: 28b1d5a2a630ee3aadc78576c4c06010_NeikiAnalytics.exe
Resource: win7-20240419-en
Malware Config
Targets
Target: 28b1d5a2a630ee3aadc78576c4c06010_NeikiAnalytics.exe
Detect Blackmoon payload
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Deletes itself
Executes dropped EXE
Loads dropped DLL