General
-
Target
af9475bba93e59e96833db4ede3b6cf2afafbe137542492f0f165d5326a12368_NeikiAnalytics.exe
-
Size
78KB
-
Sample
240629-rzdsfazbpb
-
MD5
a277c784f97f346416d58daf7106aeb0
-
SHA1
c57c5ab4e8914e38f1743eef822144cebcd40bad
-
SHA256
af9475bba93e59e96833db4ede3b6cf2afafbe137542492f0f165d5326a12368
-
SHA512
d35f4a9f847cba3504e57531bfd4d709a3606821274cd1e3d248ffb735770f4e641086088a4de7b1b838308c882647420e572f8934f05c4eb2b81912c06ccdd5
-
SSDEEP
1536:DRWV58BXT0XRhyRjVf3hTzdEzcEGvCZ1Hc5RPuoYciQt961T9/k1tt:DRWV58BSyRxvhTzXPvCbW2UGT9/a
Malware Config
Targets
-
-
Target
af9475bba93e59e96833db4ede3b6cf2afafbe137542492f0f165d5326a12368_NeikiAnalytics.exe
-
Size
78KB
-
MD5
a277c784f97f346416d58daf7106aeb0
-
SHA1
c57c5ab4e8914e38f1743eef822144cebcd40bad
-
SHA256
af9475bba93e59e96833db4ede3b6cf2afafbe137542492f0f165d5326a12368
-
SHA512
d35f4a9f847cba3504e57531bfd4d709a3606821274cd1e3d248ffb735770f4e641086088a4de7b1b838308c882647420e572f8934f05c4eb2b81912c06ccdd5
-
SSDEEP
1536:DRWV58BXT0XRhyRjVf3hTzdEzcEGvCZ1Hc5RPuoYciQt961T9/k1tt:DRWV58BSyRxvhTzXPvCbW2UGT9/a
Score10/10-
MetamorpherRAT
Metamorpherrat is a hacking tool that has been around for a while since 2013.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-