General
-
Target
8e41a1f9b8d1af6933a29a5864130f5d9f30dd8a8bd6571cd208fc20db473001_NeikiAnalytics.exe
-
Size
520KB
-
Sample
240628-j5chkazamc
-
MD5
42bf129f0e8e8684a73343957010c260
-
SHA1
08a53f4ec0df529165714bad851c348d064bf18d
-
SHA256
8e41a1f9b8d1af6933a29a5864130f5d9f30dd8a8bd6571cd208fc20db473001
-
SHA512
b370798551811e508a96d0fbf71f796f38a272ac6b31269a358d4325d1a0de4499b6d068d826dd51eba6a7dd59d9b20e643407a39ab2169283fc3421d82df022
-
SSDEEP
6144:f9GGo2CwtGg6eeihEfph2CMvvqqSaYwpncOeC66AOa0aFtVEQfTo1ozVqMbQ:f9fC3hh29Ya77A90aFtDfT5IMbQ
Static task
static1
Behavioral task
behavioral1
Sample
8e41a1f9b8d1af6933a29a5864130f5d9f30dd8a8bd6571cd208fc20db473001_NeikiAnalytics.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
8e41a1f9b8d1af6933a29a5864130f5d9f30dd8a8bd6571cd208fc20db473001_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
darkcomet
PrivateEye
ratblackshades.no-ip.biz:1604
DC_MUTEX-ACC1R98
-
gencode
8GG5LVVGljSF
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
Target
8e41a1f9b8d1af6933a29a5864130f5d9f30dd8a8bd6571cd208fc20db473001_NeikiAnalytics.exe
-
Score
10/10
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-