General
-
Target
c4f785f460253bb81df8a223e69ef780_NEIKI
-
Size
229KB
-
Sample
240509-b9dmesbg9w
-
MD5
c4f785f460253bb81df8a223e69ef780
-
SHA1
133602084cc244b9764f2e9eda9170ee147aac31
-
SHA256
e0511c949a942e2a384ba4a204a61a9c127e54352f28999c0b5896b07b0d80e9
-
SHA512
e8b77a2823df6119c297a4ee3239eca28c9da4dad232489e2b527d1615349f695a9e31a65c6c1b84ffd7dc329de4d2380f13f5c5b89cc0d00ad5484d19a8c01e
-
SSDEEP
3072:upA+qOlFNu/GZui1xVF0DWBeAAJewDuDPmIQjcCQNeVcHCDzN7:sNlS/8u2VFMetIjNJciN
Static task
static1
Behavioral task
behavioral1
Sample
c4f785f460253bb81df8a223e69ef780_NEIKI.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
c4f785f460253bb81df8a223e69ef780_NEIKI.exe
Resource
win10v2004-20240426-en
Malware Config
Extracted
smokeloader
pub1
Extracted
smokeloader
2020
http://host-file-host6.com/
http://host-host-file8.com/
Targets
-
-
Target
c4f785f460253bb81df8a223e69ef780_NEIKI
Score
10/10
-
Deletes itself
-
Executes dropped EXE
-
Suspicious use of SetThreadContext
-