Overview

overview

7

Static

static

3

4c379aafb8...cs.exe

windows7-x64

7

4c379aafb8...cs.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4c379aafb845f236f1ee573d9e00aaf0_NeikiAnalytics

  • Size

    516KB

  • Sample

    240511-bww7lsgc45

  • MD5

    4c379aafb845f236f1ee573d9e00aaf0

  • SHA1

    a5dbb5555397c9a4f89dabf15511b89c020dfbce

  • SHA256

    45a5eea4736b0b3cbcaa7dd473f6df4662a3bded823428d7c4d8b557de5f9b4e

  • SHA512

    e1ccd896c238a56a5f42593d7b10618da4e6c63103d7d5bb6e31410eec68b28240c434a83963313fd7f278cb1b0bd90874348c2829676cf4206f16009b818141

  • SSDEEP

    12288:dXCNi9BXEq4ExJrQvjWUEryJ3JkSZFgGDl0q:oWXEhExJMEaH2GDl0q

Score
7/10
persistencespywarestealer

Malware Config

Targets

    • Target

      4c379aafb845f236f1ee573d9e00aaf0_NeikiAnalytics

    • Size

      516KB

    • MD5

      4c379aafb845f236f1ee573d9e00aaf0

    • SHA1

      a5dbb5555397c9a4f89dabf15511b89c020dfbce

    • SHA256

      45a5eea4736b0b3cbcaa7dd473f6df4662a3bded823428d7c4d8b557de5f9b4e

    • SHA512

      e1ccd896c238a56a5f42593d7b10618da4e6c63103d7d5bb6e31410eec68b28240c434a83963313fd7f278cb1b0bd90874348c2829676cf4206f16009b818141

    • SSDEEP

      12288:dXCNi9BXEq4ExJrQvjWUEryJ3JkSZFgGDl0q:oWXEhExJMEaH2GDl0q

    Score
    7/10
    persistencespywarestealer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks