General
-
Target
2f5a4ef689e44124705c9f4c288e62ba7771b58e408aa9295db061eee333b8be_NeikiAnalytics.exe
-
Size
520KB
-
Sample
240701-c6ldjateja
-
MD5
9796eb898d3dd8b1bb02fa21b3f653e0
-
SHA1
4265029d07074436a1843c343a06f47f9d2c099b
-
SHA256
2f5a4ef689e44124705c9f4c288e62ba7771b58e408aa9295db061eee333b8be
-
SHA512
e63a634b40e227bfbd5cb7fe63425f3be30fa12929529e9e440453b9b19840508b20119ac8b84ea0cb73b40e3103633dedb833ceed8b47fda98c667fce14672a
-
SSDEEP
6144:f9GGo2CwtGg6eeihEfph2CMvvqqSaYwpncOeC66AOa0aFtVEQfTo1ozVqMbx:f9fC3hh29Ya77A90aFtDfT5IMbx
Static task
static1
Behavioral task
behavioral1
Sample
2f5a4ef689e44124705c9f4c288e62ba7771b58e408aa9295db061eee333b8be_NeikiAnalytics.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2f5a4ef689e44124705c9f4c288e62ba7771b58e408aa9295db061eee333b8be_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
darkcomet
PrivateEye
ratblackshades.no-ip.biz:1604
DC_MUTEX-ACC1R98
-
gencode
8GG5LVVGljSF
-
install
false
-
offline_keylogger
true
-
persistence
false
Targets
Target
2f5a4ef689e44124705c9f4c288e62ba7771b58e408aa9295db061eee333b8be_NeikiAnalytics.exe
-
Score
10/10
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-