General
Target: 2e2d0faa0bd89ea7ee56c0193350d98941bbe99f3eac35424bbfee5c24305e65_NeikiAnalytics.exe
Size: 5.0MB
Sample: 240701-cre8zatamf
MD5: 5c66b886beefc9589ed9db5e15cf0780
SHA1: 8b79be9b191a812131ffc663341c6dc549d15899
SHA256: 2e2d0faa0bd89ea7ee56c0193350d98941bbe99f3eac35424bbfee5c24305e65
SHA512: 4e7401bd22fc006ae1ba19cd704ed27e2905f983ecd45564394123876e053881e44a9125d1a2e84bd77401238dea4866983743de93b8be4b7171b8d56ab6f35f
SSDEEP: 98304:mhu+9xGgU8AJ+fjOwgC30JuQszCRyOzoNDkhzowGLT9WOvMePQDv/aId:Wu+TjSAjONQBOsNohUwm9lvMgq/aId
Static task: static1
Behavioral task: behavioral1
Sample: 2e2d0faa0bd89ea7ee56c0193350d98941bbe99f3eac35424bbfee5c24305e65_NeikiAnalytics.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 2e2d0faa0bd89ea7ee56c0193350d98941bbe99f3eac35424bbfee5c24305e65_NeikiAnalytics.exe
Resource: win10v2004-20240508-en
Malware Config
Extracted
socks5systemz
ezdixir.ua
aipqgda.ru
Targets
Target: 2e2d0faa0bd89ea7ee56c0193350d98941bbe99f3eac35424bbfee5c24305e65_NeikiAnalytics.exe
Score: 10/10

Detect Socks5Systemz Payload

Executes dropped EXE

Loads dropped DLL

Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.