General
- Target: 874f0118364b3b6a779c152eef6a80d0_NEIKI
- Size: 828KB
- Sample: 240508-nmqppacg83
- MD5: 874f0118364b3b6a779c152eef6a80d0
- SHA1: 682a22a08a05b309bfe80a4894e93de0d892c6e3
- SHA256: 02c468753c3abc1ed70a55f0cdede5c47b32a80c068348be67471e5e1d88104c
- SHA512: 10670d9e51d3fff3c91facd3f6fa6bcf1d165156364134a77863626dfcb8a3dba6772dd8388d80417f6eb78598b9a6c689187e45f4f9470286bc23a0a0506642
- SSDEEP: 24576:Ny+vejioKutJaKLrDRqb8gA6butMvZxRPp:onjiohrrNo57F
Static task
- static1
Behavioral task
- behavioral1
- Sample: 874f0118364b3b6a779c152eef6a80d0_NEIKI.exe
- Resource: win10v2004-20240419-en
Malware Config
Targets
- Detect ZGRat V1
- Detects Healer, an antivirus disabler dropper
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)