General
-
Target
33bb90f9b3da549cfa9b056caf986cc0_NeikiAnalytics.exe
-
Size
85KB
-
MD5
33bb90f9b3da549cfa9b056caf986cc0
-
SHA1
0b962561e419470b39ab46eafd2e8c696af4a0c7
-
SHA256
c9715d04cf6b83051179c904a9ab7d5c87e1ec9e6d48965b501a86d432d0aa91
-
SHA512
31a3db8f6299fb0e9bcfc186fc24ec67c4d16d11bb3f901336648fe8a68687122ed755b91694139de7ce08d072fcf165346cda22c8508b474f8e0a06922410ca
-
SSDEEP
1536:YksOAjYPSwUWZzOHohyayRLmb41IDzWOOsg67cO30mNld0+:pJPqpqbb41ACs6O30z+
Score
10/10
Malware Config
Extracted
Family
xworm
C2
127.0.0.1:7569
names-pregnant.gl.at.ply.gg:7569
Attributes
-
Install_directory
%AppData%
-
install_file
svchhost.exe
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
33bb90f9b3da549cfa9b056caf986cc0_NeikiAnalytics.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections