General
-
Target
95342506ae387147159242d5efdb3ea052e75dcaeae043cdd5fef423839eb07b_NeikiAnalytics.exe
-
Size
158KB
-
Sample
240628-nd85nswglc
-
MD5
9946e148b483ec9ffbaa721c4ba7d2a0
-
SHA1
768e539ccade7b6baa9df2f36590ac8a3d7105c6
-
SHA256
95342506ae387147159242d5efdb3ea052e75dcaeae043cdd5fef423839eb07b
-
SHA512
f1832200c7896f997a6e4c35e4130ab4eb81d10fcabc9dd643cfea6e30dfcfe6da4962dc41ef9f80497fa531cb8a32dc4c5c507640162d913fbcb8f55afbe04c
-
SSDEEP
3072:3RTddwY0JwsR4TbswYqkX5bEdGDOjESHhddJWjjY/ffIg0ju2UBsDMmYTddwY0Je:3BIMT7
Static task
static1
Behavioral task
behavioral1
Sample
95342506ae387147159242d5efdb3ea052e75dcaeae043cdd5fef423839eb07b_NeikiAnalytics.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
95342506ae387147159242d5efdb3ea052e75dcaeae043cdd5fef423839eb07b_NeikiAnalytics.exe
Resource
win10v2004-20240611-en
Malware Config
Targets
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Legitimate hosting services abused for malware hosting/C2
-