6364b52e5416e3575b64ddd7e31d9f61eacafd8880624929faa9f35e7a465766 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ac3385befb5cb5077392c3eb3b802c30_NeikiAnalytics
Size

96KB
Sample

240510-j5eypacd5x
MD5

ac3385befb5cb5077392c3eb3b802c30
SHA1

347d652d7a10ad381d8778ccd4c8953f27f59479
SHA256

6364b52e5416e3575b64ddd7e31d9f61eacafd8880624929faa9f35e7a465766
SHA512

8ac672e5c96352ed13a7bb59aa8b3831fa38bf15ae76fe069bb053968fc36fb02195237c0fc556e8fc86a11a8411b99acdf205b4c70ed66b8923c6246fea7b6f
SSDEEP

1536:Ly+xfSdUN9pSX9TPnc7PCf8i2NFvpCxp4zzl8i2:ddLN9pm9Tfq2uvnr

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  ac3385befb5cb5077392c3eb3b802c30_NeikiAnalytics
- Size
  
  96KB
- MD5
  
  ac3385befb5cb5077392c3eb3b802c30
- SHA1
  
  347d652d7a10ad381d8778ccd4c8953f27f59479
- SHA256
  
  6364b52e5416e3575b64ddd7e31d9f61eacafd8880624929faa9f35e7a465766
- SHA512
  
  8ac672e5c96352ed13a7bb59aa8b3831fa38bf15ae76fe069bb053968fc36fb02195237c0fc556e8fc86a11a8411b99acdf205b4c70ed66b8923c6246fea7b6f
- SSDEEP
  
  1536:Ly+xfSdUN9pSX9TPnc7PCf8i2NFvpCxp4zzl8i2:ddLN9pm9Tfq2uvnr
Score

7^/10

persistence spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2