General

  • Target

    9ea889233129a72fbe429afd3c821d60_NeikiAnalytics

  • Size

    387KB

  • Sample

    240510-h5r3kshh8x

  • MD5

    9ea889233129a72fbe429afd3c821d60

  • SHA1

    382cba08a3b7fbe4a338ab81de551c51807cca37

  • SHA256

    ff599d9dd5b2a31e734391ef0fc4316ef781768b5c653e9380d7118595995103

  • SHA512

    96411be9114ccad76a390bf1df9bbde9d6b11c60b415f8078f7e9fdb54afce6bb4cbe4223f738a8a79c4c323f64a4969cef448f839d0c1a921d9703fab712f79

  • SSDEEP

    6144:/rTfUHeeSKOS9ccFKk3Y9t9YZZ44omkAseOudcDiQuAB:/n8yN0Mr8ZZ4WxOccmQus

Targets

    • Target

      9ea889233129a72fbe429afd3c821d60_NeikiAnalytics

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • Adds Run key to start application
