General

  • Target

    c132a2fc4f3a07f6103381ad8d201d10_NeikiAnalytics

  • Size

    1.4MB

  • Sample

    240515-l18fjscb9s

  • MD5

    c132a2fc4f3a07f6103381ad8d201d10

  • SHA1

    8fa6aa484cd204d521a39071a5c07df0b880269e

  • SHA256

    8b8a750d52ab69d01f19e5a2c9987980d0e96c830a1fcb9123aa195c50ce1143

  • SHA512

    0e4db90da4c16113e92d466b6eab81526810ea93431119d5b4908dfe5f43f595bb0935928a786add353e958694b610b3cd87ce34fdb67aadd2d1dc7792bc5e07

  • SSDEEP

    12288:GlwUfPDsyLDJ9TagvE7lhcau3Mqv7C34CgexdtWabJY+RlNXXRWeWBqq2+m0Lr/6:RUXzv/TaTnpGDgSeXUmJFLNXhLcMhwA

Malware Config

Targets

    • Target

      c132a2fc4f3a07f6103381ad8d201d10_NeikiAnalytics

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies file permissions

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks