General

  • Target

    c31e0327620e1f1bef058ea0b95c1950_NeikiAnalytics.exe

  • Size

    667KB

  • Sample

    240517-hdem6sdh8v

  • MD5

    c31e0327620e1f1bef058ea0b95c1950

  • SHA1

    86d033fad448fd4f351d5cface6b66e109a5af0a

  • SHA256

    a49e1b12a4126ffe290e6cbf11045e2fa734a0a73c0a7759d9d24ae035e02ace

  • SHA512

    ee37fff37bfe102639a9a587f41cbc01c77951da35258bd22c70d44a4e1d8b0ec9792b858af2f0e2a7cec6b5bb3b14ad044376b69d429adbfe3222616644f1b9

  • SSDEEP

    12288:Zv1nWdQP1EDhZPxNNtoqOFBqkYHFLgufmmV/MkgPAyHv0Z:Z9ndEVf/tpOLlcgJmtSHU

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
