General

  • Target

    5150910acd25da84fab1c85f782c6760_NeikiAnalytics

  • Size

    162KB

  • Sample

    240512-azpfhaba79

  • MD5

    5150910acd25da84fab1c85f782c6760

  • SHA1

    b77d8499cacc72ae7744637343d60186feee8cf1

  • SHA256

    679c5ab25e15abbac1ce829e9f89fc566e57d630b377b839800f5dd20676a916

  • SHA512

    1fdf1f5a7c0df403e7a3f2e836cf3ae733a2de0ed8d1ff52178909a6f907b2473820cf49afcfa473634d7061d4e88a32fe1c67ff6715936c9e64a8ab531f719d

  • SSDEEP

    3072:oGqIGRpTa9p1om9PW/pqqsFUCN3R9MI+I2cFEjJY4PzSM286Ug1OQba1lW2m:oGHGRpO9p1om9+xs3NBB2VdzSqNuCoF

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely to geofence execution.

    • Reads user/profile data of web browsers

      Infostealers commonly target stored browser data, which can include saved credentials and other sensitive profile contents.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of fixed drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks