b77991feda21af3ef741da4aee26a29d55731842176a24e4c1ba75fb21e2063f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0b9510cdb22219cfdb60d20db7d0d990_NeikiAnalytics
Size

135KB
Sample

240511-rb7qlsag4y
MD5

0b9510cdb22219cfdb60d20db7d0d990
SHA1

d8f9c56c028220ce00c30dedcee7f9503c9776a1
SHA256

b77991feda21af3ef741da4aee26a29d55731842176a24e4c1ba75fb21e2063f
SHA512

6b6cee1d4fb4bad86bff03473f250ec094fbbc27bf23e922e4edce34916b060aef1b3011658bc5bff78fc833b7979a439d6bdc75f7d683d75a7dc55689218c92
SSDEEP

3072:ZhpAyazIlyazTIFPF+WVFMO3gAs7lzIr8:hZMazad0LAsCg

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  0b9510cdb22219cfdb60d20db7d0d990_NeikiAnalytics
- Size
  
  135KB
- MD5
  
  0b9510cdb22219cfdb60d20db7d0d990
- SHA1
  
  d8f9c56c028220ce00c30dedcee7f9503c9776a1
- SHA256
  
  b77991feda21af3ef741da4aee26a29d55731842176a24e4c1ba75fb21e2063f
- SHA512
  
  6b6cee1d4fb4bad86bff03473f250ec094fbbc27bf23e922e4edce34916b060aef1b3011658bc5bff78fc833b7979a439d6bdc75f7d683d75a7dc55689218c92
- SSDEEP
  
  3072:ZhpAyazIlyazTIFPF+WVFMO3gAs7lzIr8:hZMazad0LAsCg
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer