General
-
Target
25b6c8b51b839bc310e54200948099b5d16eb6a3f5ef6165c7a9f21c08b99d59_NeikiAnalytics.exe
-
Size
100KB
-
Sample
240701-ae41fstbll
-
MD5
d1d73678477e150ceebbfc9daec53070
-
SHA1
5f8597ad91251c6f13d13596864a5dfd542872b4
-
SHA256
25b6c8b51b839bc310e54200948099b5d16eb6a3f5ef6165c7a9f21c08b99d59
-
SHA512
bf70ce0429791261c030dff001077fdc950d5183b1afac03e0cfe5ef75115243e24f878c1eaead7d9bdcc1b6353c550e2c7fd78d33ead300b12c4cd2b54c837d
-
SSDEEP
1536:YyYCkvjnFk/6jW8JX/3jtzUYx5QRpeTi+ORyBeRQ2R:YyY1bFCcW8JX/zeYxVT8RMeye
Static task
static1
Behavioral task
behavioral1
Sample
25b6c8b51b839bc310e54200948099b5d16eb6a3f5ef6165c7a9f21c08b99d59_NeikiAnalytics.exe
Resource
win7-20240508-en
Malware Config
Targets
-
Detect Neshta payload
-
Detect Xworm Payload
-
Neshta
Malware from the Neshta family is designed to infect other files in order to spread itself and cause damage.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Adds Run key to start application
-