General
Target: 58e72b1e94cd1e4b85f0ea1eed8f4a40_NeikiAnalytics.exe
Size: 3.1MB
Sample: 240607-px2qdagb6z
MD5: 58e72b1e94cd1e4b85f0ea1eed8f4a40
SHA1: 8cd3302ee7c32512d805f84c31d502506009dcc9
SHA256: cf2bb1fba6e4c7ad6d4fc1926ca219a7a3ceeacb4251d02738f9c850ca5a0302
SHA512: 5edef6194cbd802984312de530d5be0f08c7491f63e16a240002ea6337aea2c252515cd4b98c9bd6f08bc80a0de6c3fc6e26fc9a8744dd28091a5110d18b53b6
SSDEEP: 49152:qvRt62XlaSFNWPjljiFa2RoUYIBZIfKrmZkZoYdPITHHB72eh2NT:qvb62XlaSFNWPjljiFXRoUYIfIfKvJ
Behavioral task
behavioral1
Sample
58e72b1e94cd1e4b85f0ea1eed8f4a40_NeikiAnalytics.exe
Resource
win7-20240221-en
Malware Config
Extracted
quasar
1.4.1
Office04
10.0.0.29:4782
a8cde636-e370-42ad-8535-b31c131ed115
encryption_key: 637BEC31F89A756BFD2E3AE65051E27ADBE100FB
install_name: Client.exe
log_directory: Logs
reconnect_delay: 3000
startup_key: Quasar Client Startup
subdirectory: SubDir
Targets
Target: 58e72b1e94cd1e4b85f0ea1eed8f4a40_NeikiAnalytics.exe
Quasar payload
Executes dropped EXE