General
-
Target
32a233c6cbe98d7457fb45b086aed120_NeikiAnalytics.exe
-
Size
3.1MB
-
Sample
240525-ha1q8shd82
-
MD5
32a233c6cbe98d7457fb45b086aed120
-
SHA1
a43e35a5edc2a94db1d06f066d1a90cb3c90200d
-
SHA256
f12649686e60f0d7f8bebb9c6c3dfd643f0c706f4bdaec49d651e9ff0fad7fbd
-
SHA512
e88b41bc132a74ef6d99d65346202a582278e31659a4d21a71a9cdc0a4df8ad3ede38141df90e5bb0f4a3e92057b1a93e978800317a9ac86a237d22070070cf6
-
SSDEEP
49152:bv+lL26AaNeWgPhlmVqvMQ7XSKSh6u1JBL/GdDCTHHB72eh2NT:bvuL26AaNeWgPhlmVqkQ7XSKSh6MS
Behavioral task
behavioral1
Sample
32a233c6cbe98d7457fb45b086aed120_NeikiAnalytics.exe
Resource
win7-20240508-en
Malware Config
Extracted
quasar
1.4.1
Office04
2a0a:ef40:e4d:2101:29a7:c4aa:c78c:2099:4782
f462053d-454d-4001-9f66-dd505b85431b
-
encryption_key
5D4BAF3712899D2801361E6C34F5B11829B6F1E3
-
install_name
Client.exe
-
log_directory
Logs
-
reconnect_delay
3000
-
startup_key
Quasar Client Startup
-
subdirectory
SubDir
Targets
-
-
Target
32a233c6cbe98d7457fb45b086aed120_NeikiAnalytics.exe
-
Size
3.1MB
-
MD5
32a233c6cbe98d7457fb45b086aed120
-
SHA1
a43e35a5edc2a94db1d06f066d1a90cb3c90200d
-
SHA256
f12649686e60f0d7f8bebb9c6c3dfd643f0c706f4bdaec49d651e9ff0fad7fbd
-
SHA512
e88b41bc132a74ef6d99d65346202a582278e31659a4d21a71a9cdc0a4df8ad3ede38141df90e5bb0f4a3e92057b1a93e978800317a9ac86a237d22070070cf6
-
SSDEEP
49152:bv+lL26AaNeWgPhlmVqvMQ7XSKSh6u1JBL/GdDCTHHB72eh2NT:bvuL26AaNeWgPhlmVqkQ7XSKSh6MS
-
Quasar payload
-
Executes dropped EXE
-