General
-
Target
6bbbe8ef0763a7e3cf6ac2c09ff8ffa0_NeikiAnalytics.exe
-
Size
161KB
-
Sample
240613-j2fqtavapl
-
MD5
6bbbe8ef0763a7e3cf6ac2c09ff8ffa0
-
SHA1
0c6d4e22575185519c3d200b1dd7d9952e16c8f8
-
SHA256
e0f8a4ee0eb0891e7c5c3b3977c960eac98b48c4c790c76f3b4cedcc8a94464a
-
SHA512
e6689d00ee20ab09a5b75c20e1a311bcc906fd084a6ac74af9938db6223153327acfab48d969529d9553f1dff797a50a31fd2f1a23270f7ac49c3cd56f502272
-
SSDEEP
3072:i5SVkkgUWib1UC7AdYzrV+Dljy/32ubwZZqJ:pUquCkdYzrVolu/J0ZZ
Behavioral task
behavioral1
Sample
6bbbe8ef0763a7e3cf6ac2c09ff8ffa0_NeikiAnalytics.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
6bbbe8ef0763a7e3cf6ac2c09ff8ffa0_NeikiAnalytics.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
Target
6bbbe8ef0763a7e3cf6ac2c09ff8ffa0_NeikiAnalytics.exe
-
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-