General
-
Target
1bed03d6d779f8d3ae27aba72d345890_NeikiAnalytics.exe
-
Size
88KB
-
Sample
240610-z9cbcs1fqp
-
MD5
1bed03d6d779f8d3ae27aba72d345890
-
SHA1
d6948676301f7a2b7e8f8fb719ee27f155a0d1a8
-
SHA256
09deb5d4775d5a06d5851d1583324c3f5ba4dad581b66f6e8147956a0c901934
-
SHA512
175a460f2c519b2fccaf6dc40afd5f0a5d68e3a00b05768d17c2d605e048f14a29dbd21d7e73238fc450185062572a7149403ecf6581bc57c13df6b7da65aa8b
-
SSDEEP
1536:ahUDofByDJWbMGcEFLPEPKOJUsy1+VMA:aIofBHbKMP0PvMA
Static task
static1
Behavioral task
behavioral1
Sample
1bed03d6d779f8d3ae27aba72d345890_NeikiAnalytics.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
1bed03d6d779f8d3ae27aba72d345890_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
1bed03d6d779f8d3ae27aba72d345890_NeikiAnalytics.exe
-
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-