General
-
Target
05953ad903c237bb9845ae0c1107f21941ed2d876cd6bd2fbee95d94d9204cec_NeikiAnalytics.exe
-
Size
11KB
-
Sample
240623-twlpzswhpf
-
MD5
bfc18493ebdbffd8e3c949cd7063d7f0
-
SHA1
9ce795c72f1879e1fe539a07f00737138be49ce5
-
SHA256
05953ad903c237bb9845ae0c1107f21941ed2d876cd6bd2fbee95d94d9204cec
-
SHA512
c527b6cfb323ab3c9240516a7b3317a2dc68bd8ee0b8764f7a93b2f9941218aadb16be997f59d6bcbf524915a46bb1f916449517e8e76cb90bcd6fabd7975c18
-
SSDEEP
192:1mWQnuI/zOQJfQDNNks4XGp3Q5tfBDV6RQ:1fQnuI/FQF4W33R
Behavioral task
behavioral1
Sample
05953ad903c237bb9845ae0c1107f21941ed2d876cd6bd2fbee95d94d9204cec_NeikiAnalytics.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
05953ad903c237bb9845ae0c1107f21941ed2d876cd6bd2fbee95d94d9204cec_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
cobaltstrike
http://dpo06.iex-express.com:8443/docsearch.js@2/dist/cdn/docsearch.js
-
user_agent
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Host: dpo06.iex-express.com
Referer: https://expressjs.com/en/advanced/security-updates.html
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.
Targets
Target
05953ad903c237bb9845ae0c1107f21941ed2d876cd6bd2fbee95d94d9204cec_NeikiAnalytics.exe
Score
10/10