General

  • Target

    77fc02ac3fa027fca50188d7eb9778e0_NeikiAnalytics

  • Size

    536KB

  • Sample

    240512-hbsr1sch7x

  • MD5

    77fc02ac3fa027fca50188d7eb9778e0

  • SHA1

    cee5d158658d30aed0429ebb00502b79e3533584

  • SHA256

    6ba88af15d9aacb729b630d48c1a7a17579f25215c797a5b6da0e3d9b0480f88

  • SHA512

    1feee09f8955c56909e5a815b9b1b0f35877f95623121ea1d8e146e10b5a3e7d7f2a8aacd6a85fd978fe51e973118402fdd1820febcce7f0b78ea2a3f58d976e

  • SSDEEP

    12288:dXCNi9BRLf6Jw7+dFkJTFYJOU8oy8HRHae05iJJESK4NE3N7H:oWRDqcTDoFzf04NyR

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other things.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
