General
Target: 93968d3ba125b600933bf9d2ca2fc96be5ba96e245bd9e61c7251f8393217285_NeikiAnalytics
Size: 2.0MB
Sample: 240601-jwelkafe78
MD5: 9b653493bd4ef94da04866d3759d8d4f
SHA1: eb9aa7551678bf3d308d16e11bfe48ab1d90d6ee
SHA256: 93968d3ba125b600933bf9d2ca2fc96be5ba96e245bd9e61c7251f8393217285
SHA512: fe825a81e302d1cabeba2a568f181cd33e08bdb7c310332350dab80907532594249b93a36b5c6527b0fc590fa95c43cdc9fd71e9b939524cb42c421be1401b5e
SSDEEP: 49152:s4K3x1vUaJtTF+TxMoxc1TU+j+dAzGwlrh:s4Ex18atIuoITsdZ
Static task: static1
Behavioral task: behavioral1
Sample: 93968d3ba125b600933bf9d2ca2fc96be5ba96e245bd9e61c7251f8393217285_NeikiAnalytics.exe
Resource: win7-20240221-en
Malware Config
Extracted: stealc
Extracted: vidar
https://steamcommunity.com/profiles/76561199689717899
https://t.me/copterwin
user_agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.0) Gecko/20100101 Firefox/128.0
Targets
Target: 93968d3ba125b600933bf9d2ca2fc96be5ba96e245bd9e61c7251f8393217285_NeikiAnalytics
- Detect Vidar Stealer
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext