General
-
Target
d3af3d5142b11c8fb767076688c5e790_NeikiAnalytics.exe
-
Size
431KB
-
Sample
240524-jrbn4sae33
-
MD5
d3af3d5142b11c8fb767076688c5e790
-
SHA1
e95579fbb827aa2ee9b031fe44dccc00171f351d
-
SHA256
199b2cb92890944469b6eb84f8893f419c48799df164604d0f4ed9b6dc41551d
-
SHA512
fb93037aaefe8e4ae95b9640d1f409737a0ae8380fcad2c8a6c998e8a09c0ca9e9ec16c3464c81899b86162a2518487322d0bb05d1cc25afe777d04b8b1bbf1f
-
SSDEEP
3072:TVmHpJqu0Vh6jw/fmZmRMpVuWwP5tOcQfgdVqYHKjoS1HwZCFjTPG1UFNE2XCKUM:TcHpJfHElepVuWwP5YcQfg8J+ojCKC+r
Behavioral task
behavioral1
Sample
d3af3d5142b11c8fb767076688c5e790_NeikiAnalytics.exe
Resource
win7-20240221-en
Malware Config
Targets
Detect Blackmoon payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-