General
-
Target
231514b0e4e6daf05aff839aa53c9740_NeikiAnalytics.exe
-
Size
544KB
-
Sample
240527-hd31rsbc4x
-
MD5
231514b0e4e6daf05aff839aa53c9740
-
SHA1
1aa1c5923ee62b7a7f5ac55460b477eb3dd30211
-
SHA256
42230a210179e21d39cc8c2f469365f1e366af0e9169fc30dff97b7aea23e988
-
SHA512
94c2336a3c747ce64d4e2b5083f7084c9afb7b34952c479ae76c14343ddf224ea69d0f46d77cbb91ec81719e54fae0a7027981cc11a2cd755329f26bd4758aef
-
SSDEEP
12288:dXCNi9BYw8vl6s7vhzy6n7FVvq02WF6Cvzz75JZcTXNUm:oWYw06KPzkWFxLz7LZc+m
Malware Config
Targets
-
-
Target
231514b0e4e6daf05aff839aa53c9740_NeikiAnalytics.exe
-
Size
544KB
-
MD5
231514b0e4e6daf05aff839aa53c9740
-
SHA1
1aa1c5923ee62b7a7f5ac55460b477eb3dd30211
-
SHA256
42230a210179e21d39cc8c2f469365f1e366af0e9169fc30dff97b7aea23e988
-
SHA512
94c2336a3c747ce64d4e2b5083f7084c9afb7b34952c479ae76c14343ddf224ea69d0f46d77cbb91ec81719e54fae0a7027981cc11a2cd755329f26bd4758aef
-
SSDEEP
12288:dXCNi9BYw8vl6s7vhzy6n7FVvq02WF6Cvzz75JZcTXNUm:oWYw06KPzkWFxLz7LZc+m
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-