General
-
Target
41a3b7b239235d9f08eb846e9a3a8f36d1f2895a0cad4afae4122172dc4a5f32_NeikiAnalytics.exe
-
Size
1.1MB
-
Sample
240701-jwamlszgke
-
MD5
10c8db74287c98cc35ca8ab4e4666440
-
SHA1
14a96cc91f60fab588be402eb31f2cef68ecaf7d
-
SHA256
41a3b7b239235d9f08eb846e9a3a8f36d1f2895a0cad4afae4122172dc4a5f32
-
SHA512
c65ace97c88a4de13391b3482df648a3c625582c35e1bdbf18b60a092c0c7ddb51b56829cd7839ab20c12b8bcceac94a196c077126c7c32874dda2916454779b
-
SSDEEP
24576:sWuslts2A+PGfik5CybZ5WkqjmzK+nwv+92OXxwuLrU:Bh6vft5CSZ5qsP8wrU
Malware Config
Targets
-
-
Target
41a3b7b239235d9f08eb846e9a3a8f36d1f2895a0cad4afae4122172dc4a5f32_NeikiAnalytics.exe
-
Size
1.1MB
-
MD5
10c8db74287c98cc35ca8ab4e4666440
-
SHA1
14a96cc91f60fab588be402eb31f2cef68ecaf7d
-
SHA256
41a3b7b239235d9f08eb846e9a3a8f36d1f2895a0cad4afae4122172dc4a5f32
-
SHA512
c65ace97c88a4de13391b3482df648a3c625582c35e1bdbf18b60a092c0c7ddb51b56829cd7839ab20c12b8bcceac94a196c077126c7c32874dda2916454779b
-
SSDEEP
24576:sWuslts2A+PGfik5CybZ5WkqjmzK+nwv+92OXxwuLrU:Bh6vft5CSZ5qsP8wrU
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-