General

  • Target

    2f734f274f9f120e9e66e700f14306f0_NeikiAnalytics.exe

  • Size

    330KB

  • Sample

    240528-dl53wadf39

  • MD5

    2f734f274f9f120e9e66e700f14306f0

  • SHA1

    26985c353dabfdff5b7d02f7160021bd2eeb5542

  • SHA256

    ac10b80146594bd059a627d920c5e68cef06f5e854eac1a8c5006c4f2f8d8a52

  • SHA512

    7cd2b84dc4a0ef859aaf705604bb2dbd699d381252ebbbaa9128cc81e93d9131e94e6d759a3986637267ac084a3f26d58c9e2ceaf2ac62ef27b27cf58b4c7edd

  • SSDEEP

    6144:eSwxVqmMmHG7PKmks+sJI7qJNHWBXLk841Nr8TavsiWJ9opjaM9sZQPB:eSwxlsPjI7BBb7G4TaEvo4esZQPB

Score
10/10

Malware Config

Extracted

Family

lumma

C2

Targets

    Score
    10/10
    • Lumma Stealer

      An infostealer written in C++ first seen in August 2022.

    • Suspicious use of SetThreadContext
