General

  • Target

    4458ca80390dcd98cf2d1c7a309a44e0_NeikiAnalytics

  • Size

    3.2MB

  • Sample

    240510-cdsxxacc5w

  • MD5

    4458ca80390dcd98cf2d1c7a309a44e0

  • SHA1

    2dff43ef0f1f296f67ec01035b8953b454114559

  • SHA256

    083019fba5b9df4c54b994cd2daafa96968431d2a08e70adf33a49327c7d24e8

  • SHA512

    21ce24bfb19a73c3249aaedff9cda9c39a322eacf88259e088697697e15d0f307b2055c20370d253400c9da84a61c512b27bb16b6e34a91bc714f5a050e72986

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBVB/bSqz8b6LNXJqI20t:sxX7QnxrloE5dpUpebVz8eLFcz

Malware Config

Targets

    • Target

      4458ca80390dcd98cf2d1c7a309a44e0_NeikiAnalytics

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks