General
-
Target
b11b7c355e0a8eaf0b87779a0e9d590db271b4fc2860dcf134121823f5f7de49_NeikiAnalytics.exe
-
Size
290KB
-
Sample
240629-stem8azfmf
-
MD5
1c2028d3493c84cf8419bb8162bcd2b0
-
SHA1
b261300370d74f47880ef8f4f464cad32c883c14
-
SHA256
b11b7c355e0a8eaf0b87779a0e9d590db271b4fc2860dcf134121823f5f7de49
-
SHA512
9a374bc463f991973144dda0aec37933c90dc8ba105dd747617f1137b45504ea17ae9bf23e3c7f4f3cb0bf272e4d4d09c8a47f10a0c4383201e00948cad0d50f
-
SSDEEP
6144:bjluQoSsqaxIo5R4nM/cl4F4s1nq8qWDwuyC6PHo/G7Qrb0ovWPYBG1y:bEQoSx0q1TaYWsuyCJ/GKb0ov2YB9
Malware Config
Targets
-
-
Target
b11b7c355e0a8eaf0b87779a0e9d590db271b4fc2860dcf134121823f5f7de49_NeikiAnalytics.exe
-
Size
290KB
-
MD5
1c2028d3493c84cf8419bb8162bcd2b0
-
SHA1
b261300370d74f47880ef8f4f464cad32c883c14
-
SHA256
b11b7c355e0a8eaf0b87779a0e9d590db271b4fc2860dcf134121823f5f7de49
-
SHA512
9a374bc463f991973144dda0aec37933c90dc8ba105dd747617f1137b45504ea17ae9bf23e3c7f4f3cb0bf272e4d4d09c8a47f10a0c4383201e00948cad0d50f
-
SSDEEP
6144:bjluQoSsqaxIo5R4nM/cl4F4s1nq8qWDwuyC6PHo/G7Qrb0ovWPYBG1y:bEQoSx0q1TaYWsuyCJ/GKb0ov2YB9
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-