db26245f766605e562d7f542a940ae74dd93a65461dd3c36a653276c39424140 | Triage

Sharing

General

Target

2916280f5d78a1da67f5a8f116bcb320_NEIKI
Size

1.1MB
Sample

240507-zeczeahd89
MD5

2916280f5d78a1da67f5a8f116bcb320
SHA1

d64301cbfc164d7cb6fde10a81a5c844bf756fd5
SHA256

db26245f766605e562d7f542a940ae74dd93a65461dd3c36a653276c39424140
SHA512

3eb0050cb96dd46b7199ff605a1912dfd34e79bd7fdf70fa62f1f225992b8f1ad29c513539c8a1da09a3b880b755b75160451c858ca29695336324c6427dc201
SSDEEP

24576:aTrd1CqjWeaewJjGGogfxcqt+gZco600ywLBrvnbj4coCYHb0YL5AQ9M:+mGwJjUg5L0yw1vnbUcophyQ9M

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  2916280f5d78a1da67f5a8f116bcb320_NEIKI
- Size
  
  1.1MB
- MD5
  
  2916280f5d78a1da67f5a8f116bcb320
- SHA1
  
  d64301cbfc164d7cb6fde10a81a5c844bf756fd5
- SHA256
  
  db26245f766605e562d7f542a940ae74dd93a65461dd3c36a653276c39424140
- SHA512
  
  3eb0050cb96dd46b7199ff605a1912dfd34e79bd7fdf70fa62f1f225992b8f1ad29c513539c8a1da09a3b880b755b75160451c858ca29695336324c6427dc201
- SSDEEP
  
  24576:aTrd1CqjWeaewJjGGogfxcqt+gZco600ywLBrvnbj4coCYHb0YL5AQ9M:+mGwJjUg5L0yw1vnbUcophyQ9M
Score

7^/10

spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2