General

  • Target

    d0254fd0744ba1f2be72f75de591df30_NeikiAnalytics

  • Size

    3.6MB

  • Sample

    240515-nrq61sff96

  • MD5

    d0254fd0744ba1f2be72f75de591df30

  • SHA1

    9ff563faf6d41cfac06e53497d6b86c81c0e8ebc

  • SHA256

    2098fccb32fa27fdfb7bce004000d45c03f7e0a1153a590bd9a51023d863e68a

  • SHA512

    c17b7e537d835ab74cccf461bd6f7c638196be1083bbc84ffe44c2392b45e5518d7466ac00026025059456ce385db26fea2dbaf708eb6360eabf57f498ceb93d

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBqB/bSqz8:sxX7QnxrloE5dpUp1bVz8

Targets

    • Target

      d0254fd0744ba1f2be72f75de591df30_NeikiAnalytics

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
