General
-
Target
3641695f094ca0c1682dd132e5883810_NeikiAnalytics.exe
-
Size
260KB
-
Sample
240611-qnmersybpc
-
MD5
3641695f094ca0c1682dd132e5883810
-
SHA1
16d266869543bb02c4e4c3dc4a71467b734d759c
-
SHA256
0b6b842b2d9f473cd9abf17d12f2c5d4b5e1ef8de6c01be4aac43f07ce455b35
-
SHA512
f07cbceda6f61691f73bc8c2a00c5a1b1fa7e9b14e34488e4125b7e7ecdbd4af907bb73b55d11e641f727dac2dc4bbc7b432e6b9d3e537fff2ec14625904acdc
-
SSDEEP
6144:4OG0xR6oQrvlipmeYmDgTqsRCF+ugJWoV4BV+UdvrEFp7hKDYDN:RGyRVQ+rYagWs8+Bh4BjvrEH7/
Malware Config
Targets
-
-
Target
3641695f094ca0c1682dd132e5883810_NeikiAnalytics.exe
-
Size
260KB
-
MD5
3641695f094ca0c1682dd132e5883810
-
SHA1
16d266869543bb02c4e4c3dc4a71467b734d759c
-
SHA256
0b6b842b2d9f473cd9abf17d12f2c5d4b5e1ef8de6c01be4aac43f07ce455b35
-
SHA512
f07cbceda6f61691f73bc8c2a00c5a1b1fa7e9b14e34488e4125b7e7ecdbd4af907bb73b55d11e641f727dac2dc4bbc7b432e6b9d3e537fff2ec14625904acdc
-
SSDEEP
6144:4OG0xR6oQrvlipmeYmDgTqsRCF+ugJWoV4BV+UdvrEFp7hKDYDN:RGyRVQ+rYagWs8+Bh4BjvrEH7/
Score8/10-
Modifies AppInit DLL entries
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
-
-
Target
Uninstall.exe
-
Size
58KB
-
MD5
fea82bd5df481b3982fa297dc5cbd12e
-
SHA1
b63a105fff24eb17ec6cb3d223c42558b7df5551
-
SHA256
d2da2bd9a56b720f56bad71942d15cec0b7e99219797d41342fe9f20c545ead5
-
SHA512
1378f7a169e0cb82bbe3cde7ecfbf672a9aedfb763437ea42e8e7e7f15d13fb0bddc230beed277ad900f89824a3af20652cfb6ef6c11db0241923f98ebdcdf92
-
SSDEEP
1536:4TcVYzwG5Mc9AggbycZ71J/gdLeAyNxBy:4TymwGEggmcjJ/ceAey
Score3/10 -
-
-
Target
js/errorHandler.js
-
Size
519B
-
MD5
fdd3749773f0e6169728b4fcf512b2ee
-
SHA1
e6bba8cfd6c5ef7d99b6b7a3b7e24da3beb52e3a
-
SHA256
60b66884ddfd91c2ad2f7d3774ff8647d163f469ebe8b8f2769a575cf7c0585e
-
SHA512
42b02e60b0359563a99be2c99cd6da4e9e8c4e95b44370196ccaf7acee732f511631265dddaaa69742e9939ad6b6201ae7d74d78dc09d9e2e96a696665097c99
Score3/10 -
-
-
Target
js/localization.js
-
Size
7KB
-
MD5
a1d858742e4ccd0173aed604947e24a1
-
SHA1
439b54ac8278f78d1fa5aaebc6aeebe121260c65
-
SHA256
3f12a4f665330563e702f82dd69a4054034051f0ccb48744c6e5469ebb3715f2
-
SHA512
9cb232a91db762cae99a10c4b7c07754ea545b6a1ea4f7edd4246e1e409dfed7d08ec08320db10ac98108890083107f624ca8a1397c514846c7810c69d93b87c
-
SSDEEP
96:tY2nKEA7w1p5bDbXspJKJ7VecBr495J1Sm7o9GCDe9DjGlEyemenoyaOv8:N131fHqnJ1Sm7o9GKe9DjqEyexoyaU8
Score3/10 -
-
-
Target
js/main.js
-
Size
5KB
-
MD5
315600288639221beb2f29c9d3834660
-
SHA1
1753f5488a3fa1e3bae9434b51f0e6ab289f330b
-
SHA256
7b7e7df885cd9159f216b97dbc84121e9622acbc67d22a1f5f42501cb0adab1c
-
SHA512
30df07ec115e80ff0b0f447bfa72cb9f4199c0840b22e2f6e0ada141e445a91930089036a092a3db24025d437576b4d7e2c0a6b78ddfbe736d231f4b53b25121
-
SSDEEP
96:3jpH0YPDF/hDknsg5+i8RDtxjWL0n5RVVpGbfw9pLXWCfUW1zHffJpUJQNJWC5pU:lHD/DksgMZ5gIRAb6pLGwh1zHwJQNwoy
Score3/10 -
-
-
Target
js/metrika.js
-
Size
359KB
-
MD5
8da054bdff5af362d234c027b59d30c7
-
SHA1
7f4ce9cd6619c2724d37fb87d815d0e8f8dba296
-
SHA256
1387306cf47156d36dd9c1d4e8de4e0abb2d3ac2d750d802f54a5b5d84cd7260
-
SHA512
f8484d84f7be22462e39d543db9ee9cbf1eadf714f94ab604f1fd968ea1bc2e680ede401039c923eecab4a8cafb8fcc2fddcb998688cecbc5f872e11ba45a9c2
-
SSDEEP
3072:25HURkBAJW5DfcuSvGgsq2Xh0evTzzUXVFFA0yrFGajhS8NezA4iSVfEQZ4fm:pkqaTKuZCevTzzUXVFFA036ezV+fm
Score3/10 -
-
-
Target
js/polyfills.js
-
Size
3KB
-
MD5
1e67d39cc362848a78d636c77ac34d96
-
SHA1
f90e780f4542b8b4ee6b0e59fd31d86add59b7e4
-
SHA256
5531dff73c1af1a3375eccbfb2c99fa55c454d320cf127d5ea6d06e25371f746
-
SHA512
fcaa8e72589fe26976ca6447fcde8b122ef45f1c12746c8e89a851cdf49551d773c05c4a7f468a19d69a038398db87798dee0f12834fe03d7d6f79f1a4e562b0
Score3/10 -
-
-
Target
js/statistics.js
-
Size
3KB
-
MD5
0957dbb0c8a34dc1fe425f8b873f5b95
-
SHA1
3597ec4f6ae2eb92a7a3421d291935da25057e52
-
SHA256
3556b2a93632c6f4def228ff77eb862f3f415eed66b44bd6e30d053974916aaa
-
SHA512
dfd91f2eeb4c05c76bb472fcf1b01610164f9b4de1555b3535d2f71e3e10c3446cac7cada4f13a2470651d4722b09128d4fd4d0b68b7522f14efab1d0e75d5da
Score3/10 -
-
-
Target
main.html
-
Size
2KB
-
MD5
83eb20ed9a049a4270774907d5769b30
-
SHA1
a6cdd077211b78566dc0b7c63f10dbb3cb320ffc
-
SHA256
c8cb6d6c9477be521503e22701e68b7b6a8f4073e591ba47e3a07ec2a83c8420
-
SHA512
12425eb9b3725971c8de62f85055b1af50099cf54f8d2d0b03fe350772398172bef9a59d5757613f23f789a436da359fb282eb178952f84c7e11d13adb908b1a
Score1/10 -
-
-
Target
run.hta
-
Size
1KB
-
MD5
7d2c494778be2b7a3a1d3b780b058ddd
-
SHA1
32009f732f3fee3a3c91326f3815df8f43375790
-
SHA256
006693ec698c4c3c7410fcbeba07c0cb7ab638f17e74786db0b6e72ba7d8b4b7
-
SHA512
b33f0cc32fd200d4f91d1af931c72ba388c0711b60df07f4fd94924d7d863199d4cbc60fcead95d94bcb6d2da77f05bc742262371305364966912bc4e64070b2
Score8/10-
Blocklisted process makes network request
-
-
-
Target
settings.hta
-
Size
2KB
-
MD5
5fcbafe4e2e1f2e0ef7fd24bda8ba026
-
SHA1
14592d16442f0d941deb76b4283e47b2e883a029
-
SHA256
b4c138e5796bc6035b4ac818aa5eb691176d7e4397e101ea1c1f9d2a1ff1d683
-
SHA512
e380a7b203a62533d65b3550fc60ec61ba52c85cc49ad49d82bc6905c37d1406e1ab9621e2c3c0378ab168f434588592c66aa90fc8048ea0b5d8cf9304a0feae
Score8/10-
Blocklisted process makes network request
-
-
-
Target
settings.html
-
Size
2KB
-
MD5
a1097f9d7670f194d5fba02754015848
-
SHA1
c8055faf23e8b4a3f1bdebc0aaafe92237f4fdb6
-
SHA256
879190619b5f5ca314e86bb3b6bf9f4b24597236d4435fb71f01840bb35c13e5
-
SHA512
88b148c08e19607db5a068adbc87ea1f1eebaf011c45c504193fa6a97a47007a10468d044f0fabe7291bb2aa17655337e36a270b8ae27a70d0331d37e3d6615e
Score1/10 -
-
-
Target
start.cmd
-
Size
32B
-
MD5
1ba015901ba41d49f1184b36e8233a68
-
SHA1
96dfd02b3d32be2502d7996446b51a4f6d6d0d21
-
SHA256
c22466420f3524025a79158743419d069c883dad1d74fd2f36b1522af00268f4
-
SHA512
d61d8e23ce32538c44e3df85e530f541d1ba93a7d445ca01af4b8326f263ec0d6831163f4799e0143fcfef91a643b6be3673c53855eb30648370a0e3ac580d3b
Score1/10 -