General

  • Target

    c4fc4adf6db025a574f97d1a38001230_NeikiAnalytics

  • Size

    3.0MB

  • Sample

    240515-mc8bbach2v

  • MD5

    c4fc4adf6db025a574f97d1a38001230

  • SHA1

    b2a933fb6890c454294808899800090c6a0bf259

  • SHA256

    2d9f5178625d875a8cdafbe645c261732c6d2acd90beeb83a40893ca6e5a0149

  • SHA512

    6c71cd7042f427829b17a676c36930522d11a086a378db2ed1ea266338e17fc7cd9944f2fed4c40c2d1878ade78d3a02ac4834b4ccdffbca23ff2e9d9fd256b8

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBTB/bSqz8b6LNX:sxX7QnxrloE5dpUpobVz8eLF

Targets

    • Target

      c4fc4adf6db025a574f97d1a38001230_NeikiAnalytics

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other data.

    • Adds Run key to start application
