General
-
Target
756ffe9058f1ea16e5fffa48902aa250_NeikiAnalytics.exe
-
Size
996KB
-
Sample
240619-b1wrmswbmj
-
MD5
756ffe9058f1ea16e5fffa48902aa250
-
SHA1
fb29d766739ecd6be169321ec07431724538cc57
-
SHA256
f1c59b2b2af6c4b0969e2f90233a549889024581e5dc5c907ea7ae6bb11f2124
-
SHA512
4061236524cb521e2469a4859fa13c902a4319f8e1b949b5961baa99a5f30e8141ee81be8eb8280a7d5a096f3cff1b6e0e92061ee7f32fff4711d1f6feab1b64
-
SSDEEP
24576:A+R1Uk5wmxXw23IBaw94hNy8snN9ImsPeyl:7YG33odjda
Behavioral task
behavioral1
Sample
756ffe9058f1ea16e5fffa48902aa250_NeikiAnalytics.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
756ffe9058f1ea16e5fffa48902aa250_NeikiAnalytics.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
-
-
Target
756ffe9058f1ea16e5fffa48902aa250_NeikiAnalytics.exe
-
Size
996KB
-
MD5
756ffe9058f1ea16e5fffa48902aa250
-
SHA1
fb29d766739ecd6be169321ec07431724538cc57
-
SHA256
f1c59b2b2af6c4b0969e2f90233a549889024581e5dc5c907ea7ae6bb11f2124
-
SHA512
4061236524cb521e2469a4859fa13c902a4319f8e1b949b5961baa99a5f30e8141ee81be8eb8280a7d5a096f3cff1b6e0e92061ee7f32fff4711d1f6feab1b64
-
SSDEEP
24576:A+R1Uk5wmxXw23IBaw94hNy8snN9ImsPeyl:7YG33odjda
Score10/10-
DcRat
DarkCrystal(DC) is a new .NET RAT active since June 2019 capable of loading additional plugins.
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-