General
-
Target
74319c33f150e7d716bc2a3e4a67d350_NeikiAnalytics.exe
-
Size
455KB
-
Sample
240523-cjf6asaa93
-
MD5
74319c33f150e7d716bc2a3e4a67d350
-
SHA1
5df405f835c6a433709ab833adb2496269676d0a
-
SHA256
0b39c9aab03a945a338947e0743f23dcb507121911579ace9e9bf30deb403583
-
SHA512
de4e7b53a108e49e5d603d3c4acd74426aeab6cbbd40b1de939fbabcc448b2aa4fca965ad742e39e08605a0eb2b83346e2081733a24737f588cae67d593c9e44
-
SSDEEP
6144:mBapC9DUIYmO5Kv5Q7X/l/rYvkW1VxxfnzrV9UAH0ctkPfc92F87LpIh9jil:5pQD+mO5KWy/zrVbt4fcYU9U9jI
Malware Config
Targets
-
-
Target
74319c33f150e7d716bc2a3e4a67d350_NeikiAnalytics.exe
-
Size
455KB
-
MD5
74319c33f150e7d716bc2a3e4a67d350
-
SHA1
5df405f835c6a433709ab833adb2496269676d0a
-
SHA256
0b39c9aab03a945a338947e0743f23dcb507121911579ace9e9bf30deb403583
-
SHA512
de4e7b53a108e49e5d603d3c4acd74426aeab6cbbd40b1de939fbabcc448b2aa4fca965ad742e39e08605a0eb2b83346e2081733a24737f588cae67d593c9e44
-
SSDEEP
6144:mBapC9DUIYmO5Kv5Q7X/l/rYvkW1VxxfnzrV9UAH0ctkPfc92F87LpIh9jil:5pQD+mO5KWy/zrVbt4fcYU9U9jI
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-