Extracted

• • Target

    9b6e50c8c2915f239c1f49d286991e20_NeikiAnalytics

  • Size

    3.1MB

  • MD5

    9b6e50c8c2915f239c1f49d286991e20

  • SHA1

    6e6e3e37ce33c0b1da224329147690c8dbe31b9e

  • SHA256

    4640247488b055bc4df613532104de671b0c1a4a1d3c2876f108d90efa514321

  • SHA512

    be94004d0008f3fae13130fb17fb3e3a7a00d064a51729f6b3d9106fb65dccabdff26e2451f124d94fcb8c38f1c1460486f3270ebffdc773248938b3d1acc208

  • SSDEEP

    49152:6VDUTVgM5Jw1FexoMri7tCekuo305DVnqbTWKccGCKCztKq+86jBQDDIk9Yo3pOn:AwwwoMwWQ58TWPc+a8p8HopEOZx

  Score

  10^/10

  asyncratzgratzona6vippersistencerat

  • AsyncRat

    AsyncRAT is designed to remotely monitor and control other computers written in C#.

    ratasyncrat

  • Detect ZGRat V1

  • ZGRat

    ZGRat is remote access trojan written in C#.

    ratzgrat

  • Adds Run key to start application

    persistence

  • Suspicious use of SetThreadContext

  behavioral1behavioral2