General
-
Target
1ca9c307cc30c9ce41044a83e4395d40_NEIKI
-
Size
2.0MB
-
Sample
240508-x3nppsdg37
-
MD5
1ca9c307cc30c9ce41044a83e4395d40
-
SHA1
5e38af8c60299a5ff513b68122010bc356320c08
-
SHA256
75d13e6ffce32c4c8b1b53156c9692b5da60151f1d16ae1561e4e555cfa5f2a7
-
SHA512
a78c33e1d73cf878caf61785b65d83d2aa2153feab725497507171609709eacab95a8f84784d728ffbc54b52b702930908251f0b259d3a5caedec7c78cf7f7e7
-
SSDEEP
49152:h1OsDCn3b0sdq9tVkWMq0vdovSHhXXruA:h1O7nL0sitVkWX0vVl5
Malware Config
Targets
-
-
Target
1ca9c307cc30c9ce41044a83e4395d40_NEIKI
-
Size
2.0MB
-
MD5
1ca9c307cc30c9ce41044a83e4395d40
-
SHA1
5e38af8c60299a5ff513b68122010bc356320c08
-
SHA256
75d13e6ffce32c4c8b1b53156c9692b5da60151f1d16ae1561e4e555cfa5f2a7
-
SHA512
a78c33e1d73cf878caf61785b65d83d2aa2153feab725497507171609709eacab95a8f84784d728ffbc54b52b702930908251f0b259d3a5caedec7c78cf7f7e7
-
SSDEEP
49152:h1OsDCn3b0sdq9tVkWMq0vdovSHhXXruA:h1O7nL0sitVkWX0vVl5
Score7/10-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-