35e93f32bc821ab5d0a68fc33debab66e23edc773c50caf913d298d703dd23ac | Triage

Sharing

General

Target

05a6e206a5333819425304fa4b1c27c0_NeikiAnalytics
Size

693KB
Sample

240512-nqd53agb74
MD5

05a6e206a5333819425304fa4b1c27c0
SHA1

ce772e58d461456e90e8c29dd504b91f0d003f0f
SHA256

35e93f32bc821ab5d0a68fc33debab66e23edc773c50caf913d298d703dd23ac
SHA512

2354d73016520cdf95a882f1cf4e183a0201a3acaab205e94ffa526ad884b5fd8da6e87404ac71c0ecb5998e962a9e08cff98ef0e4fdbd5e769edbed5dc0d8d0
SSDEEP

12288:iHnKKWxuyOv+OhbIoGj3llvq+1shslyAD5pwcnID+RKu:iHnKpIp+O5KrlowjHwKID+

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  05a6e206a5333819425304fa4b1c27c0_NeikiAnalytics
- Size
  
  693KB
- MD5
  
  05a6e206a5333819425304fa4b1c27c0
- SHA1
  
  ce772e58d461456e90e8c29dd504b91f0d003f0f
- SHA256
  
  35e93f32bc821ab5d0a68fc33debab66e23edc773c50caf913d298d703dd23ac
- SHA512
  
  2354d73016520cdf95a882f1cf4e183a0201a3acaab205e94ffa526ad884b5fd8da6e87404ac71c0ecb5998e962a9e08cff98ef0e4fdbd5e769edbed5dc0d8d0
- SSDEEP
  
  12288:iHnKKWxuyOv+OhbIoGj3llvq+1shslyAD5pwcnID+RKu:iHnKpIp+O5KrlowjHwKID+
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2