04b00f64881e841e5d020b3f34853cb08db06d48fb0d06b927912a7372837193 | Triage

Sharing

General

Target

0b1026a72a44af785f1fdf60d876d440_NeikiAnalytics
Size

304KB
Sample

240509-11s37acd89
MD5

0b1026a72a44af785f1fdf60d876d440
SHA1

ace04fb4983400217d2d9882e5649e40a73f78aa
SHA256

04b00f64881e841e5d020b3f34853cb08db06d48fb0d06b927912a7372837193
SHA512

d79ad3bf0645568df75b3d0238d9a0dcbc2493060d0cb9fb45f9730a8102a9ab4d03c6d186d7b9d4fc53cbac9314d54dafdc1db930bad5a71d0af38fcdc92ec5
SSDEEP

6144:bXY1Ku5iEM7Wm3rRVgEvcDAwyJupD74ztWFqA95gOdX+umC:uKxXfRV0AwysZFZ5pX

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  0b1026a72a44af785f1fdf60d876d440_NeikiAnalytics
- Size
  
  304KB
- MD5
  
  0b1026a72a44af785f1fdf60d876d440
- SHA1
  
  ace04fb4983400217d2d9882e5649e40a73f78aa
- SHA256
  
  04b00f64881e841e5d020b3f34853cb08db06d48fb0d06b927912a7372837193
- SHA512
  
  d79ad3bf0645568df75b3d0238d9a0dcbc2493060d0cb9fb45f9730a8102a9ab4d03c6d186d7b9d4fc53cbac9314d54dafdc1db930bad5a71d0af38fcdc92ec5
- SSDEEP
  
  6144:bXY1Ku5iEM7Wm3rRVgEvcDAwyJupD74ztWFqA95gOdX+umC:uKxXfRV0AwysZFZ5pX
Score

7^/10

spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2