General
-
Target
7d2904bf315ecd17d3218f888b325d10_NeikiAnalytics.exe
-
Size
4.1MB
-
Sample
240523-dflr2sbf35
-
MD5
7d2904bf315ecd17d3218f888b325d10
-
SHA1
91abbc79d24b79bf11fd05f46bcf3c11beb803fe
-
SHA256
b8593c7ab9d69fa724ca0c6498ee8900a2e7f25430669a5c3194eadebe795b5c
-
SHA512
41b170252445eb597647fc0d2e60e95f1f59223de8152303666c817a048302f8951789d4eeb9eb9b0edfcf75b6f712bf85d5f4ac94380948817b5c89e7253ec2
-
SSDEEP
98304:+R0pI/IQlUoMPdmpSpv4ADtnkgvNWlw6aTfN41v:+R0pIAQhMPdm05n9klRKN41v
Malware Config
Targets
-
-
Target
7d2904bf315ecd17d3218f888b325d10_NeikiAnalytics.exe
-
Size
4.1MB
-
MD5
7d2904bf315ecd17d3218f888b325d10
-
SHA1
91abbc79d24b79bf11fd05f46bcf3c11beb803fe
-
SHA256
b8593c7ab9d69fa724ca0c6498ee8900a2e7f25430669a5c3194eadebe795b5c
-
SHA512
41b170252445eb597647fc0d2e60e95f1f59223de8152303666c817a048302f8951789d4eeb9eb9b0edfcf75b6f712bf85d5f4ac94380948817b5c89e7253ec2
-
SSDEEP
98304:+R0pI/IQlUoMPdmpSpv4ADtnkgvNWlw6aTfN41v:+R0pIAQhMPdm05n9klRKN41v
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-