General
-
Target
d96da6b249900de66bdb82bb6219b7b0_NeikiAnalytics.exe
-
Size
904KB
-
Sample
240519-r2fd2sca7v
-
MD5
d96da6b249900de66bdb82bb6219b7b0
-
SHA1
8babfbe8640ee8baac11a503cae84b42f5882260
-
SHA256
b801af6d2d7ac10b1ba2fbe3f54b34ad257f67aa8fe1fecee5ddc809e7906be1
-
SHA512
0d6d43bb112af685f4f46f7bfde88de577f37d8f77def299a463501672c15cf760d96e1e807f91dd6672cee7d8f1bb508c73fa4790d65074831d6f16138b8812
-
SSDEEP
12288:+EzqAIE3kNuyBCucLZWPq1cZLjxf0qv71FUG61Dgx230gx6tvuLqpxS4aEr7SLTU:NzqhE3kNrkUamdfRtf3
Static task
static1
Behavioral task
behavioral1
Sample
d96da6b249900de66bdb82bb6219b7b0_NeikiAnalytics.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
d96da6b249900de66bdb82bb6219b7b0_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
redline
terra
185.161.248.75:4132
-
auth_value
60df3f535f8aa4e264f78041983592d2
Targets
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Suspicious use of SetThreadContext
-