General

  • Target

    8ea6821295efbeed9ae3ec8d8f40eba0_NeikiAnalytics

  • Size

    3.1MB

  • Sample

    240510-g6an9abc49

  • MD5

    8ea6821295efbeed9ae3ec8d8f40eba0

  • SHA1

    f22defa1352f8a9c0cfff4dc6f4737dda9cf2f7e

  • SHA256

    211afc5c9be3d9df647f1dafcfddf8888692014add4eb852b20d61db516cf941

  • SHA512

    ab4284f501c3d3cd386335cb80fd0ddf4a0a6583238e6792d2ad4e68f16a57fe6628d0969ad690f2cd8a61c0a74629eaca6cc515c6a0be9052d87cc587e1f8e0

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBuB/bSqz8b6LNXJqI:sxX7QnxrloE5dpUpFbVz8eLFc

Targets

    • Target

      8ea6821295efbeed9ae3ec8d8f40eba0_NeikiAnalytics

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
