General
Target
3ebba57079bf3aace31f91c61cdac9d635ecc01691f6ec49c30d95549aeb6c6d_NeikiAnalytics.exe
Size
951KB
Sample
240701-h1eaxsscqr
MD5
0678e0cc60fbb9cc92b4b8ca13431890
SHA1
36c55e4ae2010cb4c360f8869967d4a6b35d5bde
SHA256
3ebba57079bf3aace31f91c61cdac9d635ecc01691f6ec49c30d95549aeb6c6d
SHA512
a2546f48c3273afd195bb51321d653378980aa5f284310bac566052dcac347bbb93a276fcf2bda5737803ed573e0919bce13af340f904f782e0c9999f81aa32e
SSDEEP
24576:2AHnh+eWsN3skA4RV1HDm2KXMmHaKZT54:Rh+ZkldDPK8YaKj4
Static task
static1
Behavioral task
behavioral1
Sample
3ebba57079bf3aace31f91c61cdac9d635ecc01691f6ec49c30d95549aeb6c6d_NeikiAnalytics.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
3ebba57079bf3aace31f91c61cdac9d635ecc01691f6ec49c30d95549aeb6c6d_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
revengerat
Marzo26
marzorevenger.duckdns.org:4230
RV_MUTEX-PiGGjjtnxDpn
Targets
Target
3ebba57079bf3aace31f91c61cdac9d635ecc01691f6ec49c30d95549aeb6c6d_NeikiAnalytics.exe
Score
10/10
Drops startup file
AutoIT Executable
AutoIT scripts compiled to PE executables.
Suspicious use of SetThreadContext