Overview

overview

7

Static

static

3

43ae9cf0cd...cs.dll

windows7-x64

1

43ae9cf0cd...cs.dll

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    43ae9cf0cd248539a4321bb08e15cba0_NeikiAnalytics

  • Size

    570KB

  • Sample

    240515-15fnnaef6x

  • MD5

    43ae9cf0cd248539a4321bb08e15cba0

  • SHA1

    9f3fb49feb4725a4e09eaaf2d870b4f685af50cc

  • SHA256

    0f0b47f0057d559bfc399b6a619cb07b348d81c0f693cd94912b335026ca5cdc

  • SHA512

    bf1d81fca1d84a674d00e27c3a1e1c7b27a11e704de409425ccf9bd71ab7fea32364a9f9552c4aea68dd959c2778695b0b1b957dca3ba6394d48cd6652a44922

  • SSDEEP

    12288:8tfuHF+NT7APjuD3diJQljDjK/Z/9OHob6IAoRHz:8c+NT7ntgQNu/V9OH5

Score
7/10
spywarestealer

Malware Config

Targets

    • Target

      43ae9cf0cd248539a4321bb08e15cba0_NeikiAnalytics

    • Size

      570KB

    • MD5

      43ae9cf0cd248539a4321bb08e15cba0

    • SHA1

      9f3fb49feb4725a4e09eaaf2d870b4f685af50cc

    • SHA256

      0f0b47f0057d559bfc399b6a619cb07b348d81c0f693cd94912b335026ca5cdc

    • SHA512

      bf1d81fca1d84a674d00e27c3a1e1c7b27a11e704de409425ccf9bd71ab7fea32364a9f9552c4aea68dd959c2778695b0b1b957dca3ba6394d48cd6652a44922

    • SSDEEP

      12288:8tfuHF+NT7APjuD3diJQljDjK/Z/9OHob6IAoRHz:8c+NT7ntgQNu/V9OH5

    Score
    7/10
    spywarestealer

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

1
T1552

Credentials In Files

1
T1552.001

Discovery

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks