General
Target: 41b0bedd80712ffb926aa61685245d95d60c1458122f572ef66787e854cd5bea_NeikiAnalytics
Size: 2.0MB
Sample: 240528-nlldksab92
MD5: 27357e6724bcff676779325f6425386c
SHA1: 0a9d9a5270cbef8b5e2d06289266761dfe3a4110
SHA256: 41b0bedd80712ffb926aa61685245d95d60c1458122f572ef66787e854cd5bea
SHA512: b3cd6c2b80218b3dab3902fde2f0b1d3ea8202f27b573dac5c03e3b57cb9c610d1a551a4edbb72a0b162fa61b194a37a5f4d1d112baa64cadc54c8777a12050c
SSDEEP: 49152:s4K3x1vUKJtTF+TxMoxc1TU+j+dAzGwlrh:s4Ex18KtIuoITsdZ
Static task: static1
Behavioral task: behavioral1
Sample: 41b0bedd80712ffb926aa61685245d95d60c1458122f572ef66787e854cd5bea_NeikiAnalytics.exe
Resource: win7-20240221-en
Malware Config
Extracted: stealc
Extracted: vidar
  https://steamcommunity.com/profiles/76561199689717899
  https://t.me/copterwin
  user_agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.0) Gecko/20100101 Firefox/128.0
Targets
Target: 41b0bedd80712ffb926aa61685245d95d60c1458122f572ef66787e854cd5bea_NeikiAnalytics
Size: 2.0MB
MD5: 27357e6724bcff676779325f6425386c
SHA1: 0a9d9a5270cbef8b5e2d06289266761dfe3a4110
SHA256: 41b0bedd80712ffb926aa61685245d95d60c1458122f572ef66787e854cd5bea
SHA512: b3cd6c2b80218b3dab3902fde2f0b1d3ea8202f27b573dac5c03e3b57cb9c610d1a551a4edbb72a0b162fa61b194a37a5f4d1d112baa64cadc54c8777a12050c
SSDEEP: 49152:s4K3x1vUKJtTF+TxMoxc1TU+j+dAzGwlrh:s4Ex18KtIuoITsdZ
- Detect Vidar Stealer
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext