General
-
Target
6b094c8e849c55948c52a07a82b3263e795db71f9ebbadf68209fd61b460991f_NeikiAnalytics.exe
-
Size
951KB
-
Sample
240623-n63hlatckl
-
MD5
6e87da68db7f0e2a244b9a7829e57dc0
-
SHA1
8858fd1bf85c20530456f49adfb899b25451a723
-
SHA256
6b094c8e849c55948c52a07a82b3263e795db71f9ebbadf68209fd61b460991f
-
SHA512
9e28708b1fd77d22fe524283dad7ac1af1d167c920271b1c15f82fd3c62d6dfa8db2dd67da9b1379df2c2bce14e0d73e83e07034dea34232a32d4b9bb3553518
-
SSDEEP
24576:2AHnh+eWsN3skA4RV1HDm2KXMmHaKZT52:Rh+ZkldDPK8YaKj2
Static task
static1
Behavioral task
behavioral1
Sample
6b094c8e849c55948c52a07a82b3263e795db71f9ebbadf68209fd61b460991f_NeikiAnalytics.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
6b094c8e849c55948c52a07a82b3263e795db71f9ebbadf68209fd61b460991f_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
revengerat
Marzo26
marzorevenger.duckdns.org:4230
RV_MUTEX-PiGGjjtnxDpn
Targets
-
-
Target
6b094c8e849c55948c52a07a82b3263e795db71f9ebbadf68209fd61b460991f_NeikiAnalytics.exe
-
Size
951KB
-
MD5
6e87da68db7f0e2a244b9a7829e57dc0
-
SHA1
8858fd1bf85c20530456f49adfb899b25451a723
-
SHA256
6b094c8e849c55948c52a07a82b3263e795db71f9ebbadf68209fd61b460991f
-
SHA512
9e28708b1fd77d22fe524283dad7ac1af1d167c920271b1c15f82fd3c62d6dfa8db2dd67da9b1379df2c2bce14e0d73e83e07034dea34232a32d4b9bb3553518
-
SSDEEP
24576:2AHnh+eWsN3skA4RV1HDm2KXMmHaKZT52:Rh+ZkldDPK8YaKj2
Score10/10-
Drops startup file
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of SetThreadContext
-