General
-
Target
58f0f20d63b8f2ef1aade3d942c3894e8bad3b4c228e815b4e72e744e85dbb1e_NeikiAnalytics.exe
-
Size
456KB
-
Sample
240621-k1qp3ateqb
-
MD5
dee5e10e631204225e81fcbcb45fb5c0
-
SHA1
6f68b44e2c75b7ed05f5c6b0641b1fc2a34031ce
-
SHA256
58f0f20d63b8f2ef1aade3d942c3894e8bad3b4c228e815b4e72e744e85dbb1e
-
SHA512
a31345bafda8fe917e3d8797b2c106b1833ae1bc0a36e5d5c78cc5b3df55677b93033a5d7ad32e2e6968a984d61db38e5be9aa0a1b499d79086dcd94c3a07b38
-
SSDEEP
12288:hy903qOf5K+udWQH2uDuxPVT6c1uiWA5UqLRx+:hyIqL+udWHXx9umCAUq0
Static task
static1
Behavioral task
behavioral1
Sample
58f0f20d63b8f2ef1aade3d942c3894e8bad3b4c228e815b4e72e744e85dbb1e_NeikiAnalytics.exe
Resource
win10v2004-20240611-en
Malware Config
Extracted
xworm
5.0
skibidi.one:2709
91.92.250.4:2709
S3gZoltSWKOZChhU
-
install_file
USB.exe
Targets
Target
58f0f20d63b8f2ef1aade3d942c3894e8bad3b4c228e815b4e72e744e85dbb1e_NeikiAnalytics.exe
Score
10/10
-
Detect Xworm Payload
-
Blocklisted process makes network request
-
Command and Scripting Interpreter: PowerShell
Runs PowerShell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-