General

  • Target

    c598e56957f48b2a069db2d5612fb330_NeikiAnalytics

  • Size

    1.6MB

  • Sample

    240515-me9l6ach9v

  • MD5

    c598e56957f48b2a069db2d5612fb330

  • SHA1

    a0b232edf6da861de3ef0575e4b4a12d085274d8

  • SHA256

    65c091f7912273e529f379f2dd0c4db47540b484847df15dfeeeba88f22cf65b

  • SHA512

    3eb184610ad1cb78aa9ddde2f0372ad8881edae5182a7310f5dff9f6aca6e3e646f638af82f11fbed30dcb19ff6f71c445601e47b25508d99996bf5eb43d2d0a

  • SSDEEP

    49152:8dumMKRfqF1p6UBrwpTeLhwsTXmUjcZstRP6pIZvxecS:Gq3bAOhwsT3oaPP6pIZ4cS

Malware Config

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15