General
-
Target
99c1b28f6c3db44a1ababd090c224477cdd366925979aa64a116751e896cc0ee_NeikiAnalytics.exe
-
Size
495KB
-
Sample
240628-qk3bta1fpg
-
MD5
34e47bcc8587cee1f231c1a8c77d2db0
-
SHA1
d583dd6af91babe860ef2126b3558659c1036e14
-
SHA256
99c1b28f6c3db44a1ababd090c224477cdd366925979aa64a116751e896cc0ee
-
SHA512
bb57fee6ae85c72a0fbee9af0d5ac45e5439adf988d34671451acb7d60af1aee01e4a38ce03732458e4e8a845812bc71446c462ce1613d75261802fb049c656c
-
SSDEEP
12288:A//vi9B1CSCu46FURKa8ORQUgtFx+ASx0PqL6WW7qwRArFS:2w3sAaXunn+wQFS
Malware Config
Targets
-
-
Target
99c1b28f6c3db44a1ababd090c224477cdd366925979aa64a116751e896cc0ee_NeikiAnalytics.exe
-
Size
495KB
-
MD5
34e47bcc8587cee1f231c1a8c77d2db0
-
SHA1
d583dd6af91babe860ef2126b3558659c1036e14
-
SHA256
99c1b28f6c3db44a1ababd090c224477cdd366925979aa64a116751e896cc0ee
-
SHA512
bb57fee6ae85c72a0fbee9af0d5ac45e5439adf988d34671451acb7d60af1aee01e4a38ce03732458e4e8a845812bc71446c462ce1613d75261802fb049c656c
-
SSDEEP
12288:A//vi9B1CSCu46FURKa8ORQUgtFx+ASx0PqL6WW7qwRArFS:2w3sAaXunn+wQFS
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-