General
Target: 3cf328b7ca34f36bc1d09e01ae4eb060_NeikiAnalytics.exe
Size: 8.0MB
Sample: 240528-k8yewaeh46
MD5: 3cf328b7ca34f36bc1d09e01ae4eb060
SHA1: 465fc0b51b45188c305daffa8fc66524ef288bf4
SHA256: 382f895db4767a271f4c101e8584680442d2353d3d1000c1854f5a8ec7501916
SHA512: 17a07a7a455b41f5232b7a876f64f9a0864bd48984c99dfc9119f159bc5749d0e81f3bb6a8ef27cad204cebdec7ada9b3cf6850245f6306d58ef557f795e1998
SSDEEP: 196608:GoSNAY/haEmsZlryo9dwVhwjURxLV28qS4SmZ0I7sMoW3n:GpNdIEhlh9dwX/xLV28zm2I4lI
Static task: static1
Behavioral task: behavioral1
Sample: 3cf328b7ca34f36bc1d09e01ae4eb060_NeikiAnalytics.exe
Resource: win7-20240508-en

Malware Config
Extracted: lumma (185.99.133.246)
Targets
Target: 3cf328b7ca34f36bc1d09e01ae4eb060_NeikiAnalytics.exe
Signatures:
- Detect Lumma Stealer payload V2
- Detect Lumma Stealer payload V4
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext