General
-
Target
35e4785db7e1874206587b22d8f3e09ae965b1cbeab7699f2dab10e3f7fbb1fc_NeikiAnalytics.exe
-
Size
773KB
-
Sample
240621-dyl6jaxcjc
-
MD5
7b8f27c6590b1e5714b60254f6f46860
-
SHA1
7b1571e1d8b1eb57f86e1516039be20576e36b6d
-
SHA256
35e4785db7e1874206587b22d8f3e09ae965b1cbeab7699f2dab10e3f7fbb1fc
-
SHA512
4717f274dfe81144208f77f19f6678091775258bd25e4754253811bcf14138b1a863a1f2565a37faa129d4059776fff30e868430e8b3c8740c1715c15ea852d3
-
SSDEEP
12288:kV6Dq6mhsKRmgVC3LVO6OFYZUArACiu4m2DVdAA:k6KIgeVOj0NrAHZfA
Static task
static1
Behavioral task
behavioral1
Sample
35e4785db7e1874206587b22d8f3e09ae965b1cbeab7699f2dab10e3f7fbb1fc_NeikiAnalytics.exe
Resource
win7-20240419-en
Malware Config
Extracted
xworm
192.168.190.151:7000
-
Install_directory
%AppData%
-
install_file
XClient.exe
Targets
-
-
Target
35e4785db7e1874206587b22d8f3e09ae965b1cbeab7699f2dab10e3f7fbb1fc_NeikiAnalytics.exe
-
Detect Xworm Payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Executes dropped EXE
-