General

  • Target

    cb19b0c0e0031f69cb601e8283304ef0_NeikiAnalytics

  • Size

    508KB

  • Sample

    240514-r7sassbg75

  • MD5

    cb19b0c0e0031f69cb601e8283304ef0

  • SHA1

    3a2e9ac269db37316935c347fe8c12cd5512d009

  • SHA256

    6f2333fddfcdbf27b46ec74ee9c55f311c29727ed026025ec976ada7a30dcf0e

  • SHA512

    6028d442c55b0091b709ea0f8d830f7f2d1a8b2efdfd1d99118ce3babf8c1e438fb41b945cf0936629b18ca2f7003d11b9181fbbccfcedcd554e49008edb11fe

  • SSDEEP

    12288:oGHasii9BvpMPSQVZMEw5LRYex7q18SLiZmDo6UIeVy++E8OJeN4J9g:86vOZMT5LRngCmex+E87

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
