General

  • Target

    d1dbd719de29a51e94199e73403b67c0_NeikiAnalytics

  • Size

    1.6MB

  • Sample

    240515-pk26dahb7v

  • MD5

    d1dbd719de29a51e94199e73403b67c0

  • SHA1

    b43b902d60d13b58f83418581b3c22e5c9370348

  • SHA256

    23b9eec752137e0edce770cba133e34d952400072467bdadce0771c7774ace2c

  • SHA512

    b7edd1394bb46fbcf4c993f25987dd4344a685634508010c62f4887b85e2f8b3cd2aed23995d2b0b23edd02621635c237761316e3fee09110f1055b6ceb3f5bc

  • SSDEEP

    24576:oWP0q36f6p20Iv3pohCFdTcMMgXTH4TkxTlhBE/TJj4wcWEOSAr6HZVDvACONmW6:VMqKf600Ivp/dTcMDLTFAF8P7DSM

Malware Config

Targets

    • Target

      d1dbd719de29a51e94199e73403b67c0_NeikiAnalytics

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely to geofence execution to or away from particular regions.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and autofill entries.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
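
    The five signatures above are behavioural labels; to reproduce them from your own endpoint telemetry you need to say which events each one keys on. The helper below is an added example written for this page, not the sandbox's detection logic and not anything published in the report. It maps constructed Sysmon-style registry and file events onto the five signature names. The specific registry values (Geo\Nation, sCountry, Locale), browser store files (Chrome/Edge "Login Data", "Cookies", "Web Data"; Firefox logins.json, key4.db, cookies.sqlite) and the write-only test for System32 are the editor's assumptions about what such signatures typically match; the report does not disclose which keys or files this sample actually touched.

```python
"""Map constructed Sysmon-style events onto the report's behavioural signatures.

Added example for this page. Event records and indicator patterns are the
editor's constructions; the report publishes neither the raw trace nor the
exact registry keys/files behind each signature.
"""
import re
from collections import defaultdict
from dataclasses import dataclass
from typing import Iterable

# Signature names exactly as the report lists them.
SIG_GEO = "Checks computer location settings"
SIG_BROWSER = "Reads user/profile data of web browsers"
SIG_RUNKEY = "Adds Run key to start application"
SIG_DRIVES = "Enumerates connected drives"
SIG_SYS32 = "Drops file in System32 directory"


@dataclass(frozen=True)
class Event:
    op: str    # RegQueryValue | RegSetValue | FileRead | FileWrite | DirList
    path: str  # registry value path or file path, as a monitor would log it


# Indicator patterns (assumptions: typical locations, not taken from the report).
GEO_KEY = re.compile(r"\\Control Panel\\International\\(Geo\\Nation|sCountry|Locale)$", re.I)
RUN_KEY = re.compile(r"\\Software\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\[^\\]+$", re.I)
BROWSER_DATA = re.compile(
    r"(\\Google\\Chrome\\User Data\\.*\\(Login Data|Cookies|Web Data)$"
    r"|\\Microsoft\\Edge\\User Data\\.*\\(Login Data|Cookies|Web Data)$"
    r"|\\Mozilla\\Firefox\\Profiles\\[^\\]+\\(logins\.json|key4\.db|cookies\.sqlite)$)",
    re.I,
)
DRIVE_ROOT = re.compile(r"^[A-Z]:\\$", re.I)          # "D:\" style root listing
SYSTEM32 = re.compile(r"^C:\\Windows\\System32\\[^\\]+$", re.I)


def classify(ev: Event) -> set[str]:
    """Return the set of signature names a single event satisfies."""
    hits: set[str] = set()
    if ev.op == "RegQueryValue" and GEO_KEY.search(ev.path):
        hits.add(SIG_GEO)
    if ev.op == "RegSetValue" and RUN_KEY.search(ev.path):
        hits.add(SIG_RUNKEY)
    if ev.op == "FileRead" and BROWSER_DATA.search(ev.path):
        hits.add(SIG_BROWSER)
    # The report's wording: roots of drives other than the default C: drive.
    if ev.op == "DirList" and DRIVE_ROOT.match(ev.path) and not ev.path.upper().startswith("C:"):
        hits.add(SIG_DRIVES)
    # Only writes count; reading a System32 DLL is normal for any process.
    if ev.op == "FileWrite" and SYSTEM32.match(ev.path):
        hits.add(SIG_SYS32)
    return hits


def summarize(events: Iterable[Event]) -> dict[str, list[str]]:
    """Group the paths that triggered each signature, in trace order."""
    out: dict[str, list[str]] = defaultdict(list)
    for ev in events:
        for sig in classify(ev):
            out[sig].append(ev.path)
    return dict(out)


# Constructed trace illustrating one hit per signature plus benign noise.
SAMPLE_TRACE = [
    Event("RegQueryValue", r"HKCU\Control Panel\International\Geo\Nation"),
    Event("RegQueryValue", r"HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\AppData"),
    Event("FileRead", r"C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data"),
    Event("FileRead", r"C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\abcd1234.default-release\logins.json"),
    Event("RegSetValue", r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Updater"),
    Event("DirList", "C:\\"),
    Event("DirList", "D:\\"),
    Event("DirList", "E:\\"),
    Event("FileWrite", r"C:\Windows\System32\svchostx.dll"),
    Event("FileWrite", r"C:\Users\user\AppData\Local\Temp\tmp01.dat"),
]

if __name__ == "__main__":
    for sig, paths in summarize(SAMPLE_TRACE).items():
        print(f"{sig}:")
        for p in paths:
            print(f"    {p}")
```

    Run against a real Sysmon export, the same classifier needs the event IDs mapped onto the `op` values (Sysmon 12/13 for registry, 11 for file create) and will produce false positives for the drive-root and System32 rules unless the writing process is filtered to the sample's PID tree.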

MITRE ATT&CK Enterprise v15

Tasks