General
-
Target
7beb385c9a98d11b498784e9a27a4a05ba3563e2f05af794b88e0a3621b2af81_NeikiAnalytics.exe
-
Size
3.7MB
-
Sample
240622-dvt2zazanm
-
MD5
b462002b5d120f38d0a8e882bb114140
-
SHA1
fc6824f193a8318aa13fd054b02360b01794bc3c
-
SHA256
7beb385c9a98d11b498784e9a27a4a05ba3563e2f05af794b88e0a3621b2af81
-
SHA512
3e52b0a28abec38c1d2a28b00987c17f0001192f974bd749fa4e96fb3ae2f555c3edb7b0704b00700eb824fd64cf643812dc6cc53ba71c24ce0ce2429362be13
-
SSDEEP
49152:zSgRueDJQqIIE1RlUkYRctono2t1dMz/n6DcQYfbocZTXKHC:lPEn2tkD6FSwC
Behavioral task
behavioral1
Sample
7beb385c9a98d11b498784e9a27a4a05ba3563e2f05af794b88e0a3621b2af81_NeikiAnalytics.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
7beb385c9a98d11b498784e9a27a4a05ba3563e2f05af794b88e0a3621b2af81_NeikiAnalytics.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
Target
7beb385c9a98d11b498784e9a27a4a05ba3563e2f05af794b88e0a3621b2af81_NeikiAnalytics.exe
Score
10/10
-
Detect Neshta payload
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Checks system information in the registry
System information is often read in order to detect sandboxing environments.
-