General
-
Target
2333396bcad13b6638bf2f8c349c26ba52deb293a223c2c695624b9711e6d1ecNeikiAnalytics
-
Size
6.9MB
-
Sample
240527-2qfwjscg6x
-
MD5
ea33308f83df7eb537284b21d3e81834
-
SHA1
d416f1b86b58d3f69aa25defafbe590c6293a4e1
-
SHA256
2333396bcad13b6638bf2f8c349c26ba52deb293a223c2c695624b9711e6d1ec
-
SHA512
98a99d9783ecb21d1843f861a9e19d6db847517f97d1da73a9a2bab9d8b0271f710da209dfb8275abce7689d5ebd7d0da8af12ef51cf7e9b7fdc3695ab2eff4a
-
SSDEEP
196608:wr+R0+aeNTfm/pf+xk4dWRGtrbWOjgWy3:dy/pWu4kRGtrbvMWy3
Behavioral task
behavioral1
Sample
2333396bcad13b6638bf2f8c349c26ba52deb293a223c2c695624b9711e6d1ecNeikiAnalytics.exe
Resource
win7-20240221-en
Malware Config
Targets
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.