General
-
Target
5ff5051e549747f6bedd8bee29406760_NeikiAnalytics
-
Size
4.2MB
-
Sample
240510-yn2hpahg28
-
MD5
5ff5051e549747f6bedd8bee29406760
-
SHA1
a374166aaccbda485409926218cd2a98dfb35fc1
-
SHA256
8252ddb53b8b6564cb236c1693f8a9695ab9e48a90b3904a2bf7a34881e4c1f0
-
SHA512
fe28e001e44e67fc0b21edee572a9bcfa32f4eb91e29fb1d426281dc42f2c230d7c8a80693542502d9817df629547ca428257f08b45dfd70615715012a55026f
-
SSDEEP
98304:jd9IRzKP2vgMnK+lVsoVippEcnMR545balCTDAYPXbCz6pM:8RzYVMzVsppS89aH6LoKM
Static task
static1
Behavioral task
behavioral1
Sample
5ff5051e549747f6bedd8bee29406760_NeikiAnalytics.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
5ff5051e549747f6bedd8bee29406760_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
Target
5ff5051e549747f6bedd8bee29406760_NeikiAnalytics
-
AgentTesla
Agent Tesla is a remote access tool (RAT) written in Visual Basic.
-
ElysiumStealer
ElysiumStealer (previously known as ZeromaxStealer) is an info stealer that can steal login credentials for various accounts.
-
ElysiumStealer Support DLL
-
AgentTesla payload
-
Loads dropped DLL
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-