Overview

overview

7

Static

static

3

57d29c0fb7...cs.exe

windows7-x64

7

57d29c0fb7...cs.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    57d29c0fb7968a8c09a3e6bf44b164d0_NeikiAnalytics

  • Size

    645KB

  • Sample

    240509-rj89eadf61

  • MD5

    57d29c0fb7968a8c09a3e6bf44b164d0

  • SHA1

    f45967f1844a4b1a3f82ca4261d211a788f45c07

  • SHA256

    059a5bd50faa94d289deb835b336929b5af4ca1838eaeb752f6e8afadce24717

  • SHA512

    fe54868c94534a5deaa9d3891f5fa171513ad9cd3efc5a0321693d1265a8ce0c27ed7050f696229faeabd3ce7cb3efe1997c8daea97aa37754ccc8bbcb028b69

  • SSDEEP

    12288:xC0woDsnqdKviYErMTR/bF8WK1lJtL1posGOcAaDR36lv4rucLjeXHAY:DwmGqd8lErM9xzIxDcBR3mv4KcLU

Score
7/10
persistencespywarestealer

Malware Config

Targets

    • Target

      57d29c0fb7968a8c09a3e6bf44b164d0_NeikiAnalytics

    • Size

      645KB

    • MD5

      57d29c0fb7968a8c09a3e6bf44b164d0

    • SHA1

      f45967f1844a4b1a3f82ca4261d211a788f45c07

    • SHA256

      059a5bd50faa94d289deb835b336929b5af4ca1838eaeb752f6e8afadce24717

    • SHA512

      fe54868c94534a5deaa9d3891f5fa171513ad9cd3efc5a0321693d1265a8ce0c27ed7050f696229faeabd3ce7cb3efe1997c8daea97aa37754ccc8bbcb028b69

    • SSDEEP

      12288:xC0woDsnqdKviYErMTR/bF8WK1lJtL1posGOcAaDR36lv4rucLjeXHAY:DwmGqd8lErM9xzIxDcBR3mv4KcLU

    Score
    7/10
    persistencespywarestealer

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks