General

  • Target

    446bbcd1b1286fb3181f446312df1500_NeikiAnalytics

  • Size

    591KB

  • Sample

    240511-bc1qpacb2s

  • MD5

    446bbcd1b1286fb3181f446312df1500

  • SHA1

    bbbd0fb3daf71deadf748120ed4c2760194d72dc

  • SHA256

    cdb2cf292a9680a20c3a600bc9c5eb2d76252c6ba3a4edd9154158d855694b30

  • SHA512

    c95a34e7f10e1cfa126d8bf8af3ae099a2bc3a6b46acb8e42900ea1c00387c1d9c29d5ee900999d092e392bde5c21c5ec922855a0cf1bb39a2e21ac6eb8c5094

  • SSDEEP

    12288:by905/BrsrSS900VazoYYK+faypu4niRg6Jli4gNPUR0FlkA:byy/JrX3+ZpusiWM8NPC0FlR

Malware Config

Targets


    • Detect ZGRat V1

    • Detects Healer, an antivirus disabler dropper

    • Healer

      Healer, an antivirus disabler dropper.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • ZGRat

      ZGRat is a remote access trojan written in C#.

    • Executes dropped EXE

    • Windows security modification

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks
