General
Target: b7dcd52295b489f64f89cfc9c7b68998ddeb58c8c3695a368a98bf30c57c4a87_NeikiAnalytics.exe
Size: 1.1MB
Sample: 240629-xjmnaswhnj
MD5: bea1e7c2506fd615e692cde2aab07fc0
SHA1: 8cffbe78c52071c3d483ff274089f3c03a72de50
SHA256: b7dcd52295b489f64f89cfc9c7b68998ddeb58c8c3695a368a98bf30c57c4a87
SHA512: 762164828dc431f6b09414c5ad1cbb7748c97864cd82b82f67e622b4ab2ab52073522a85db3dc25152434a34ca6e57a500d14d823a9278cd372fcc14993fc846
SSDEEP: 24576:UAHnh+eWsN3skA4RV1Hom2KXMmHayZ9GnTOrQAA4bXV5:jh+ZkldoPK8YayfGnTYQAX
Static task: static1
Behavioral task: behavioral1
Sample: b7dcd52295b489f64f89cfc9c7b68998ddeb58c8c3695a368a98bf30c57c4a87_NeikiAnalytics.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: b7dcd52295b489f64f89cfc9c7b68998ddeb58c8c3695a368a98bf30c57c4a87_NeikiAnalytics.exe
Resource: win10v2004-20240226-en
Malware Config
Extracted: agenttesla
Protocol: smtp
Host: cp8nl.hyperhost.ua
Port: 587
Username: [email protected]
Password: vqpF.#QRT234
Email To: [email protected]
Targets
Target: b7dcd52295b489f64f89cfc9c7b68998ddeb58c8c3695a368a98bf30c57c4a87_NeikiAnalytics.exe
Score: 10/10
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
Suspicious use of SetThreadContext