redline | 8416cfd085b7ef5a5a3708e7aba52b6f4acd5d0f432c62338c80bd07f78c18c8 | Triage

Submit
Reports

Overview

overview

Static

static

0a1e1d868d...cs.exe

windows7-x64

1

0a1e1d868d...cs.exe

windows10-2004-x64

5

Sharing

General

Target

0a1e1d868dfefc1a6f52fb843d0c5a60_NeikiAnalytics.exe
Size

168KB
Sample

240525-xb4a3sdh6v
MD5

0a1e1d868dfefc1a6f52fb843d0c5a60
SHA1

1a69f5b9c0168a62758474c6b5c46933181af42a
SHA256

8416cfd085b7ef5a5a3708e7aba52b6f4acd5d0f432c62338c80bd07f78c18c8
SHA512

871d22f5899ce6c8e62c3b8539c9de2bfdb5aae1680c3baf6405df1b6d7475115e97b390a76caa0b82e459638518912958d5814539c4fefff8ef1c70ff430b30
SSDEEP

1536:He9KqhVZCGWDv7zPB/8Wc9agcwV3tTGqVE1WbuXMOJsy4C9u184wYkM8e8hj:HwijR8WcTBkqVE8pOJn4C9u158e8hj

Score

10^/10

redline grom microsoft phishing

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

0a1e1d868dfefc1a6f52fb843d0c5a60_NeikiAnalytics.exe

Resource

win7-20240508-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

0a1e1d868dfefc1a6f52fb843d0c5a60_NeikiAnalytics.exe

Resource

win10v2004-20240426-en

microsoft phishing

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

redline

Botnet

grom

C2

83.97.73.127:19045

Attributes

auth_value
2193aac8692a5e1ec66d9db9fa25ee00

Targets

- Target
  
  0a1e1d868dfefc1a6f52fb843d0c5a60_NeikiAnalytics.exe
- Size
  
  168KB
- MD5
  
  0a1e1d868dfefc1a6f52fb843d0c5a60
- SHA1
  
  1a69f5b9c0168a62758474c6b5c46933181af42a
- SHA256
  
  8416cfd085b7ef5a5a3708e7aba52b6f4acd5d0f432c62338c80bd07f78c18c8
- SHA512
  
  871d22f5899ce6c8e62c3b8539c9de2bfdb5aae1680c3baf6405df1b6d7475115e97b390a76caa0b82e459638518912958d5814539c4fefff8ef1c70ff430b30
- SSDEEP
  
  1536:He9KqhVZCGWDv7zPB/8Wc9agcwV3tTGqVE1WbuXMOJsy4C9u184wYkM8e8hj:HwijR8WcTBkqVE8pOJn4C9u158e8hj
Score

5^/10

microsoft phishing
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

microsoftphishing

© 2018-2024

Terms | Privacy