07da8503c5a4ba5d0127b1750ed3504c59b66c5f3ea1e57f50a6f849d16f1d69 | Triage

Sharing

General

Target

1c704d85e78b7db2be27b91b69f9e060_NEIKI
Size

923KB
Sample

240508-jv1seada65
MD5

1c704d85e78b7db2be27b91b69f9e060
SHA1

cb7eae18c4b15c52b3fbb9761886e0a0713da495
SHA256

07da8503c5a4ba5d0127b1750ed3504c59b66c5f3ea1e57f50a6f849d16f1d69
SHA512

879b5ffd90df3724ec248db3795d7b3508dd91d4cdd2d9f7f072e4f62ae721692054e697cabb160882170aac293067fba9aa3e4d7ee759a6056199e1ac8e78de
SSDEEP

12288:6UfaIL0tsuL960svDR9miXSldDMYX73pAmDiG346oNXaDAqwEIGyPY3YWTDlHIyp:6cYJU0sDLmiil2Yr51orBcVOPYFH7

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  1c704d85e78b7db2be27b91b69f9e060_NEIKI
- Size
  
  923KB
- MD5
  
  1c704d85e78b7db2be27b91b69f9e060
- SHA1
  
  cb7eae18c4b15c52b3fbb9761886e0a0713da495
- SHA256
  
  07da8503c5a4ba5d0127b1750ed3504c59b66c5f3ea1e57f50a6f849d16f1d69
- SHA512
  
  879b5ffd90df3724ec248db3795d7b3508dd91d4cdd2d9f7f072e4f62ae721692054e697cabb160882170aac293067fba9aa3e4d7ee759a6056199e1ac8e78de
- SSDEEP
  
  12288:6UfaIL0tsuL960svDR9miXSldDMYX73pAmDiG346oNXaDAqwEIGyPY3YWTDlHIyp:6cYJU0sDLmiil2Yr51orBcVOPYFH7
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2