Extracted

• • Target

    308ce465211f1556a686990b6ffbeec0_NeikiAnalytics.exe

  • Size

    2.7MB

  • MD5

    308ce465211f1556a686990b6ffbeec0

  • SHA1

    bffe19ca967c9cf6c9637f74d35c9d2a7ab103fc

  • SHA256

    a3b4fb3bff6fa8148bc992fb0001754073de7f13f91d9e72d2ba1f4f025b4f1a

  • SHA512

    a85b1a939b65776d26bdf5ef0efca15ef9e37c3353dd4383ed24e8f189cbcbfd33747e93f3f758710e20a411cbdf4fb33e43c519b255094e81b7c4b06c043efd

  • SSDEEP

    49152:3iL9aT3HOoHrXBUugXr8R/8XXiYxPiTDIv5i:30wHPLBUuJ

  Score

  10^/10

  44caliberspywarestealer

  • 44Caliber

    An open source infostealer written in C#.

    stealer44caliber

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of NtSetInformationThreadHideFromDebugger

  behavioral1behavioral2