General

  • Target

    d1d04f68d45c7130300f383f2f1c5630_NeikiAnalytics

  • Size

    467KB

  • Sample

    240515-pj8a1ahd22

  • MD5

    d1d04f68d45c7130300f383f2f1c5630

  • SHA1

    a6b5ced4ec5e04b22719df0b5d2b6827d4b35318

  • SHA256

    5c67852c7bc2506f49c5b6ac0a700d7b3fdeea34061d9cf207e314126ed8e6a5

  • SHA512

    de8d449ef35be8f6200fbc20be3a53f338ef59384e7a285aae795ff733c1e1b277b12fa2730cdd0bc3664f850f7036ebf807c786cba6be8c6a93241975958c44

  • SSDEEP

    12288:lXa8sKvWW1wZJJaAlZVxDsN9ijRzp22i9:lq8fvR/AXkijRzp22i9

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofencing check.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar profile data.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
