General

  • Target

    ноневклид.rar

  • Size

    36.4MB

  • MD5

    21673d046a45cb909157fcb14a96edd6

  • SHA1

    3025872a3df0e457e066d4b7b754a6fa4469b1e9

  • SHA256

    a9afbd8a837a2b009b72e8420c94486a53d5750604d1e90d4a904ead2a0ff6aa

  • SHA512

    8c92c554f28d1083d0912e474594a2c8e833f76575f333af0adee076895a8812cf1cfff68453d9386882b044c084671e8520055deb9948aaf9dbf8ac459ee678

  • SSDEEP

    786432:RFLk1VdxxmNaUv/KO+PTFNO7UytxdAHvBlEwWnEmvsvXdags1MLbDFqaiO:RFLMVxmNxHKlPRNOttxgvDEHnxvswl6B

Score
10/10

Malware Config

Signatures

  • Async RAT payload (1 IoC)
  • Asyncrat family
  • Detect Neshta payload (1 IoC)
  • Neshta family
  • Unsigned PE (73 IoCs)

    Checks for missing Authenticode signature.

Files

  • ноневклид.rar
    .rar
  • ноневклид/BouncyCastle.Crypto.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/Castle.Core.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/Client.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • ноневклид/ClientsFolder/david BYEDEARKB/Information/Information.txt
  • ноневклид/ClientsFolder/david BYEDEARKB/Keylogger/04-04-2023.txt
  • ноневклид/ClientsFolder/david BYEDEARKB/Keylogger/04-05-2023.txt
  • ноневклид/ClientsFolder/david BYEDEARKB/WinLock.txt
  • ноневклид/ControlzEx.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • ноневклид/Data/DataConnect.txt
  • ноневклид/Data/NewClientData.txt
  • ноневклид/EntityFramework.SqlServer.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • ноневклид/EntityFramework.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • ноневклид/FastColoredTextBox.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/GMap.NET.Core.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/GMap.NET.WindowsForms.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/GMap.NET.WindowsPresentation.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/IconExtractor.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/Image/1500349395_tumblr_nhsqy93xiU1u79o2lo1_1280.gif
    .gif
  • ноневклид/Image/IcR3.gif
    .gif
  • ноневклид/Image/Region-Capture2.jpg
    .jpg
  • ноневклид/Image/john-bigorgne-hacker-space-new-flatten.jpg
    .jpg
  • ноневклид/Image/regnum_picture_1495804324951312_normal.jpeg
    .jpg
  • ноневклид/Image/spe.gif
    .gif
  • ноневклид/MahApps.Metro.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • ноневклид/Majestic Rulete.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • ноневклид/Majestic Ruletka.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • ноневклид/MessagePack.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/MetroFramework.Fonts.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/MetroFramework.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/Microsoft.Xaml.Behaviors.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • ноневклид/NAudio.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/Newtonsoft.Json.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • ноневклид/NonEvclid.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • ноневклид/NonEvclid.exe.config
    .xml
  • ноневклид/PeNet.Asn1.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/PeNet.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/Plugins/Audio.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/Plugins/AutoRun.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/Plugins/Brute.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/Plugins/Chat.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/Plugins/Clipboard.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/Plugins/Extra.dll
    .dll .ps1 windows:4 windows x86 arch:x86 polyglot

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/Plugins/FileManager.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/Plugins/FileSearcher.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/Plugins/Fun.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/Plugins/Information.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/Plugins/Logger.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/Plugins/Maps.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/Plugins/MediaMenagment.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/Plugins/Mic.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/Plugins/MinerEtc.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/Plugins/Miscellaneous.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/Plugins/Netstat.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/Plugins/NewPlugin.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/Plugins/Options.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/Plugins/Piano.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/Plugins/ProcessManager.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/Plugins/Ransomware.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/Plugins/Recovery.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/Plugins/Regedit.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/Plugins/RemoteCamera.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/Plugins/RemoteDesktop.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/Plugins/ReversePort.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/Plugins/ReverseProxy.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/Plugins/ScanPorts.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/Plugins/Screamer.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/Plugins/SendFile.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/Plugins/SendMemory.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/Plugins/Service.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/Plugins/Sheduler.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/Plugins/Signature AntiVirus.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/Plugins/WinLock.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • ноневклид/Plugins/WinlockBild.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • ноневклид/Plugins/WormUsb.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/Plugins/cliper.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/Plugins/ethminer
    .exe windows:6 windows x64 arch:x64

    601d901af8200f541117a59e7736bfef


    Headers

    Imports

    Exports

    Sections

  • ноневклид/SimpleMsgPack.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/Sound/Online.wav
  • ноневклид/Sound/Piano/WEP sus m3 A3 -11.wav
  • ноневклид/Sound/Piano/WEP sus m3 B3 -11.wav
  • ноневклид/Sound/Piano/WEP sus m3 C#3 -11.wav
  • ноневклид/Sound/Piano/WEP sus m3 C3 -11.wav
  • ноневклид/Sound/Piano/WEP sus m3 C4 -11.wav
  • ноневклид/Sound/Piano/WEP sus m3 D#3 -11.wav
  • ноневклид/Sound/Piano/WEP sus m3 D3 -11.wav
  • ноневклид/Sound/Piano/WEP sus m3 E3 -11.wav
  • ноневклид/Sound/Piano/WEP sus m3 F#3 -11.wav
  • ноневклид/Sound/Piano/WEP sus m3 F3 -11.wav
  • ноневклид/Sound/Piano/WEP sus m3 G#3 -11.wav
  • ноневклид/Sound/Piano/WEP sus m3 G3 -11.wav
  • ноневклид/Sound/Sound1.wav
  • ноневклид/Sound/Sound2.wav
  • ноневклид/Sound/Sound3.wav
  • ноневклид/Sound/Sound4.wav
  • ноневклид/Sound/Sound5.wav
  • ноневклид/Sound/Sound6.wav
  • ноневклид/Stub/Client.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • ноневклид/Stub/Criptor.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • ноневклид/Stub/Loader.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • ноневклид/Stub/net5.0/Obfs.deps.json
  • ноневклид/Stub/net5.0/Obfs.dll
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • ноневклид/Stub/net5.0/Obfs.exe
    .exe windows:6 windows x64 arch:x64

    e136c78efac5157bdb78b75c07967d98


    Headers

    Imports

    Sections

  • ноневклид/Stub/net5.0/Obfs.runtimeconfig.dev.json
  • ноневклид/Stub/net5.0/Obfs.runtimeconfig.json
  • ноневклид/Stub/net5.0/dnlib.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/Stub/net5.0/ref/Obfs.dll
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • ноневклид/Stub/netcoreapp5.0/Obfuscator.dll
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • ноневклид/Stub/netcoreapp5.0/Obfuscator.exe
    .exe windows:6 windows x64 arch:x64

    e136c78efac5157bdb78b75c07967d98


    Headers

    Imports

    Sections

  • ноневклид/Stub/netcoreapp5.0/Obfuscator.runtimeconfig.dev.json
  • ноневклид/Stub/netcoreapp5.0/Obfuscator.runtimeconfig.json
  • ноневклид/Stub/netcoreapp5.0/dnlib.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/Stub/netcoreapp5.0/ref/Obfuscator.dll
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • ноневклид/System.Buffers.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • ноневклид/System.Collections.Immutable.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • ноневклид/System.Data.SQLite.EF6.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • ноневклид/System.Data.SQLite.Linq.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • ноневклид/System.Data.SQLite.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • ноневклид/System.Memory.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • ноневклид/System.Numerics.Vectors.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • ноневклид/System.Runtime.CompilerServices.Unsafe.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • ноневклид/System.Security.Cryptography.Pkcs.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • ноневклид/System.Security.Principal.Windows.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • ноневклид/System.Threading.Thread.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • ноневклид/Vestris.ResourceLib.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/cGeoIp.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/dnlib.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/p3a0BWJnhajf_Hxs-TIhiaU0GmYyTOEU4R49mn9JIOUgOAe_sKCchSRbDLpPqW0JZ3LLGv_-4mE3s_PkEext3G8u.exe
    .jpg
  • ноневклид/p3a0BWJnhajf_Hxs-TIhiaU0GmYyTOEU4R49mn9JIOUgOAe_sKCchSRbDLpPqW0JZ3LLGv_-4mE3s_PkEext3G8u.jpg
    .jpg
  • ноневклид/protobuf-net.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • ноневклид/x64/SQLite.Interop.dll
    .dll windows:6 windows x64 arch:x64

    4d89a952ac41120980d9cfdb38c0cf09


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • ноневклид/x86/SQLite.Interop.dll
    .dll windows:6 windows x86 arch:x86

    edd360b0aa4db36e0d6f43e2fd7ac849


    Code Sign

    Headers

    Imports

    Exports

    Sections