General
Target: 701f0f6ff98ebef81268c74b2f2ce560_NeikiAnalytics.exe
Size: 47KB
Sample: 240613-laarlawfqk
MD5: 701f0f6ff98ebef81268c74b2f2ce560
SHA1: a19b43a4754a839831fd626df9310f73a2753bc4
SHA256: f76ecae0784f4ce82fca174fbeb46004063f90bf03d006c8611ffec8d5cbbc7c
SHA512: ad2826687ae17775d43b986fa0e03e3ca974a36e02899a8ba2e4fc0d74b1d152344b8c7b8628f122847b8050a66adc9748b7c907ea94d5a4840e0802ca76d4b0
SSDEEP: 768:ua4r+PpHfXGLOnNh8noR+Dk6SLhmVGj3y6SLhmVGj3g:2r+Fuc5LhmkjC5Lhmkjw
Behavioral task: behavioral1
Sample: 701f0f6ff98ebef81268c74b2f2ce560_NeikiAnalytics.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 701f0f6ff98ebef81268c74b2f2ce560_NeikiAnalytics.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: 701f0f6ff98ebef81268c74b2f2ce560_NeikiAnalytics.exe
Score: 8/10
Drops file in Drivers directory
Manipulates Digital Signatures: Attackers can apply techniques such as modifying certain DLL exports to make their binary seem valid.
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Drops desktop.ini file(s)
Drops autorun.inf file: Malware can abuse Windows Autorun to spread further via attached volumes.
Drops file in System32 directory