b2c1ab1189b5f46fe09742d55022efdd860dfe3c5fbc2c58bf7d3db7e680ea9d | Triage

Sharing

General

Target

e0c8f4b80de9c184ce2bcda36cdef5c0_NeikiAnalytics
Size

389KB
Sample

240516-qt23eafe39
MD5

e0c8f4b80de9c184ce2bcda36cdef5c0
SHA1

986549ed1b829351b97fc1cde247ea8a2e12c01b
SHA256

b2c1ab1189b5f46fe09742d55022efdd860dfe3c5fbc2c58bf7d3db7e680ea9d
SHA512

dce30bd0dd63f50122745a31526161ea59b657b1644d822782d0ec5e2b3ee0b7ca7fbf1591f7f2ccd7aa9d94dfb8566985bb309fef298bb3f2424d123474932d
SSDEEP

6144:n6+91F0OIVZRzEsOh7eANMU1v4P++IgN3AMOtMAwkMxiFWLzsVCPxABjY6E:ntQNzEsOZHoN3+CAwFVzsVCPH6

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  e0c8f4b80de9c184ce2bcda36cdef5c0_NeikiAnalytics
- Size
  
  389KB
- MD5
  
  e0c8f4b80de9c184ce2bcda36cdef5c0
- SHA1
  
  986549ed1b829351b97fc1cde247ea8a2e12c01b
- SHA256
  
  b2c1ab1189b5f46fe09742d55022efdd860dfe3c5fbc2c58bf7d3db7e680ea9d
- SHA512
  
  dce30bd0dd63f50122745a31526161ea59b657b1644d822782d0ec5e2b3ee0b7ca7fbf1591f7f2ccd7aa9d94dfb8566985bb309fef298bb3f2424d123474932d
- SSDEEP
  
  6144:n6+91F0OIVZRzEsOh7eANMU1v4P++IgN3AMOtMAwkMxiFWLzsVCPxABjY6E:ntQNzEsOZHoN3+CAwFVzsVCPH6
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2