General
-
Target
1f2775f52d529d64e3f4631d162bc16d57e4bc4712ae4f63020f6ce6b2fc7a36_NeikiAnalytics.exe
-
Size
87KB
-
Sample
240620-3tapdaxbkr
-
MD5
8135c81a0fe3165a6d1b9191b785c970
-
SHA1
cced56cf6536bdcabb14cbb79451dd289a3693bc
-
SHA256
1f2775f52d529d64e3f4631d162bc16d57e4bc4712ae4f63020f6ce6b2fc7a36
-
SHA512
f27030f70f62d864888032c9c80961802fa544a59e0a59a101ebae3205469394c1918b176ed72f84113028741595725d85b1841986a0a8c5798ac32d18935eb3
-
SSDEEP
1536:D3ScSeuCQ5CvP3ErbK0GsA1Irn6ykkXERklFceLnFaswUemjmh5WGiirTb9Qyzq:DSleucPUXKhsmIGZkXYUJFg5fRiaTRa
Behavioral task
behavioral1
Sample
1f2775f52d529d64e3f4631d162bc16d57e4bc4712ae4f63020f6ce6b2fc7a36_NeikiAnalytics.exe
Resource
win7-20240508-en
Malware Config
Targets
-
Detect Blackmoon payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-