General

  • Target

    3bbae8b9a6725590f7506c526726db3de42cd1ea0c5c7b1256a20345279c416d_NeikiAnalytics.exe

  • Size

    78KB

  • Sample

    240620-glnelsxank

  • MD5

    5a0f3a206690ba712701bf235623ed20

  • SHA1

    0d229d08333f9cbf0911782427b32fbac8552d3d

  • SHA256

    3bbae8b9a6725590f7506c526726db3de42cd1ea0c5c7b1256a20345279c416d

  • SHA512

    760edd5b72c77de5008c16d7e4d1deb632ecc7bdf5f7ad8c95d6e76af230e577c71f91d1490f530e08655d47052269c91f12d3bb98b4d0da4631acd94cb1b1dc

  • SSDEEP

    1536:IuECUCfNRzjHB9s2hVgI8TnH1or2jZLwrfptbyB45flUNv+7sk:I7sPDs2hdSH10s1wrfptbyB45d++7sk

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

0.5.8

Botnet

Default

C2

http://rconhomne.ddns.net/:6606

http://rconhomne.ddns.net/:7707

http://rconhomne.ddns.net/:8808

Mutex

INto6wUrRcnC

Attributes
  • delay

    60

  • install

    true

  • install_file

    $77system.exe

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      3bbae8b9a6725590f7506c526726db3de42cd1ea0c5c7b1256a20345279c416d_NeikiAnalytics.exe

    • AsyncRat

      AsyncRAT is a remote access tool written in C#, designed to remotely monitor and control other computers.

    • Async RAT payload
