Extracted

• • Target

    6c944ec9dd6b3990dbba4d421aacf330_NeikiAnalytics

  • Size

    240KB

  • MD5

    6c944ec9dd6b3990dbba4d421aacf330

  • SHA1

    e19c892d1c751d33cdd362becde2889728dfe619

  • SHA256

    96f676302c9597eeaffb15f18b486122eb97401065d7f972d053a936895942cc

  • SHA512

    4c40f98a94b0bbef249d9b777e0b1a00cec4077f73b2c3f457e12ce8c7a3f5166d89d7f5391dd15e39cc5ddb536a88c1347fa3cf7281c8863a4b95d4f2764009

  • SSDEEP

    6144:h7NVKgGkhzVbsFftz9lD79QF08KahRdu:5KgLVUbJ79QF6ahzu

  Score

  10^/10

  stealcdefault100discoveryspywarestealer

  • Stealc

    Stealc is an infostealer written in C++.

    stealerstealc

  • Downloads MZ/PE file

  • Loads dropped DLL

  • Reads data files stored by FTP clients

    Tries to access configuration files associated with programs like FileZilla.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2