General
-
Target
8818e04f200ea91b90f953fd9096e55c69327579e8a721c34f8882349566f362_NeikiAnalytics.exe
-
Size
212KB
-
Sample
240628-gej4lswhkr
-
MD5
ca913ad22d2687fad741267872286550
-
SHA1
2aca0b25082ed5fcc5b883f2a1257e0bd43ca757
-
SHA256
8818e04f200ea91b90f953fd9096e55c69327579e8a721c34f8882349566f362
-
SHA512
cb16ab94b2bdc033aac8cb1a1aa434c07daec69b6bb09a9e1a5d50601a6a1b1f4c99f0258110610ac94ce43329d4b2064aed4ec69c77a71acca7f03cbd40216c
-
SSDEEP
6144:k9i3zD6JxLN4TpKk7kRe9ccraTp6F2yYaIFP/:dzDiNkpTwT
Malware Config
Targets
-
-
Target
8818e04f200ea91b90f953fd9096e55c69327579e8a721c34f8882349566f362_NeikiAnalytics.exe
-
Size
212KB
-
MD5
ca913ad22d2687fad741267872286550
-
SHA1
2aca0b25082ed5fcc5b883f2a1257e0bd43ca757
-
SHA256
8818e04f200ea91b90f953fd9096e55c69327579e8a721c34f8882349566f362
-
SHA512
cb16ab94b2bdc033aac8cb1a1aa434c07daec69b6bb09a9e1a5d50601a6a1b1f4c99f0258110610ac94ce43329d4b2064aed4ec69c77a71acca7f03cbd40216c
-
SSDEEP
6144:k9i3zD6JxLN4TpKk7kRe9ccraTp6F2yYaIFP/:dzDiNkpTwT
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-