General
-
Target
a4f9439908485027616d321869703b90d26311278f3d71b10791aa91a8b8d456_NeikiAnalytics.exe
-
Size
3.2MB
-
Sample
240628-wt9p5s1elk
-
MD5
ced79cf3e0b5ce6a3abbc387d55dfca0
-
SHA1
201549066c593c337799506a1d8d8bc14ef184bc
-
SHA256
a4f9439908485027616d321869703b90d26311278f3d71b10791aa91a8b8d456
-
SHA512
b5fa722a2a27e3af40a8e1330cc2e90b5756cd540f4d60c44d185c266feaa585c6538e2069df63945b12fc090768a5fbef631edf61685db75b3167d038b00736
-
SSDEEP
49152:WkF40BmZDGBJPBMgdY2SZwIOvteLyxMIP4OxHiL6zNwu/0hBdH3XWnO:FSyL6zmquuBpnWnO
Malware Config
Targets
-
-
Target
a4f9439908485027616d321869703b90d26311278f3d71b10791aa91a8b8d456_NeikiAnalytics.exe
-
Size
3.2MB
-
MD5
ced79cf3e0b5ce6a3abbc387d55dfca0
-
SHA1
201549066c593c337799506a1d8d8bc14ef184bc
-
SHA256
a4f9439908485027616d321869703b90d26311278f3d71b10791aa91a8b8d456
-
SHA512
b5fa722a2a27e3af40a8e1330cc2e90b5756cd540f4d60c44d185c266feaa585c6538e2069df63945b12fc090768a5fbef631edf61685db75b3167d038b00736
-
SSDEEP
49152:WkF40BmZDGBJPBMgdY2SZwIOvteLyxMIP4OxHiL6zNwu/0hBdH3XWnO:FSyL6zmquuBpnWnO
Score10/10-
Detect Neshta payload
-
Neshta
Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-