General

  • Target

    774a40f58e41bef66a153a5c13533e2a336d828b12378ccc0f64f20699d907b6_NeikiAnalytics.exe

  • Size

    1.1MB

  • Sample

    240624-qb5etatcje

  • MD5

    c9d0d2349b518e62d386b8efff460aa0

  • SHA1

    1c700e8fa86efc68969aa73aee134cbedf13564c

  • SHA256

    774a40f58e41bef66a153a5c13533e2a336d828b12378ccc0f64f20699d907b6

  • SHA512

    eba39b902cc414989344535232f923cfd7831ada7d16dd708e20139dab33085a3f07538f27fc4d7d57bdb144771a03d311cc44b18e1fe6d51f1a44e02d7f28d3

  • SSDEEP

    24576:oAHnh+eWsN3skA4RV1Hom2KXMmHao0Qvqw7mV5t/4Zo4TbUIIc5:vh+ZkldoPK8Yao0WI5t/4ZH9P

Score
10/10

Malware Config

Extracted

Family

asyncrat

Version

Venom RAT + HVNC + Stealer + Grabber v6.0.3

Botnet

Default

C2

194.55.186.121:1313

Mutex

pnlxeuiqsise

Attributes
  • delay

    1

  • install

    false

  • install_folder

    %AppData%

aes.plain

Targets

    • Target

      774a40f58e41bef66a153a5c13533e2a336d828b12378ccc0f64f20699d907b6_NeikiAnalytics.exe

    Score
    10/10
    • AsyncRat

      AsyncRAT is a tool written in C# that is designed to remotely monitor and control other computers.

    • Async RAT payload

    • Suspicious use of SetThreadContext
