General
-
Target
02c81fd64990d84926c9af666d2fbe8a211a5381ab9193991ac76842db6d9f2d_NeikiAnalytics.exe
-
Size
62KB
-
Sample
240630-kfas4sydmp
-
MD5
09e3d7f7cf1bd55abfbb5dc449d11240
-
SHA1
19455e10349f367fc8041d0bd35ece8ab53235e4
-
SHA256
02c81fd64990d84926c9af666d2fbe8a211a5381ab9193991ac76842db6d9f2d
-
SHA512
fdc542b1f251b82dcaf735486d760ecd13259a3440eb79937d45bba0af0a0e5e8c8003315d7c4613408773d0924080023ae274ab1ddb8b3b5517fb1a3cda31f1
-
SSDEEP
1536:SZOPH9F4s1THE6HjpeeCglUGbbXwACbCg7JGbtpqKmY7:SZOPH9F4sBHLj8ep+GbbX2bCgG2z
Behavioral task
behavioral1
Sample
02c81fd64990d84926c9af666d2fbe8a211a5381ab9193991ac76842db6d9f2d_NeikiAnalytics.exe
Resource
win7-20240611-en
Malware Config
Extracted
asyncrat
0.0.1
Default
47.242.70.176:8848
DcRatMutex_qwqdanchun
-
delay
1
-
install
true
-
install_file
Client Server Runtime Process.exe
-
install_folder
%Temp%
Targets
-
Target
02c81fd64990d84926c9af666d2fbe8a211a5381ab9193991ac76842db6d9f2d_NeikiAnalytics.exe
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-