General
-
Target
3f74d8ef98e7ca614f1e830ef9376f80_NeikiAnalytics.exe
-
Size
229KB
-
Sample
240523-gymc3sga8x
-
MD5
3f74d8ef98e7ca614f1e830ef9376f80
-
SHA1
9009f3ee62e6701be14ce586dd6d9e1e10812ba2
-
SHA256
0f6bce6b8ad77e73c5068386b23cc6cadbf971633a16270b2d2da247a4686848
-
SHA512
19db134bb961eb2a94d189485e953f61b6029ce7af79a204fe75e6e8f19e29857edc99764c1aef59da1c0fa6247f4ce528f254da9aeac6203f3eb9bea5b682e3
-
SSDEEP
3072:EBJ2LFgftwOz6/TDbj+Gn4lft+VlUSa2sChNV4TtArHWn8KZFz3c9rweBOLZ40Un:EsF2+HkNnsH4muzs9rweeZ40
Static task
static1
Behavioral task
behavioral1
Sample
3f74d8ef98e7ca614f1e830ef9376f80_NeikiAnalytics.exe
Resource
win7-20240419-en
Malware Config
Extracted
stealc
default11
http://185.172.128.170
-
url_path
/7043a0c6a68d9c65.php
Targets
-
-
Target
3f74d8ef98e7ca614f1e830ef9376f80_NeikiAnalytics.exe
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-