General
Target: 4cb587ee2f9e9b8267f0324814fc1da0_NeikiAnalytics.exe
Size: 393KB
Sample: 240522-2fd9zabd4x
MD5: 4cb587ee2f9e9b8267f0324814fc1da0
SHA1: 5fed5e5a2d64b5adc552cf20ef480ce265cccf2c
SHA256: 3b9ac622eb992291af26923d93277e017f5df26e3346caec4882db0c712f9b6a
SHA512: 943d6464cd347899dc0523516fc3dc98505aaba8c6ab90b640f76a8014788ef8cc19694977cf835a61329c4c2b6c5a9b9fad0413e15e12e844ff0ec03b331199
SSDEEP: 6144:xuqW2DEqqFjmKjkZakLgK3ZPCysLVJOWaINXNBPVCL:xuqW2D78DdkL7sLVlaIZNR4L
Static task: static1
Behavioral task: behavioral1
Sample: 4cb587ee2f9e9b8267f0324814fc1da0_NeikiAnalytics.exe
Resource: win7-20231129-en
Malware Config
Extracted
redline
mass9
62.182.158.147:48394
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
SectopRAT payload
Suspicious use of SetThreadContext