7731a8d02694720ae2a3ee14eb8e8fdda8eae097da94c76d5994dbd37ecd7d3b | Triage

Sharing

General

Target

2ca8426cae8047540cc2d95b3a72bea0_NeikiAnalytics.exe
Size

4.9MB
Sample

240519-yvvzgsfd84
MD5

2ca8426cae8047540cc2d95b3a72bea0
SHA1

520f239e9815392d30af5747837ea19872db2c98
SHA256

7731a8d02694720ae2a3ee14eb8e8fdda8eae097da94c76d5994dbd37ecd7d3b
SHA512

fc895c4d19b62a73a6ccd8f5f40d36a4d4f4ee087008ad2909cac949a1abeec9b80cd947dbe00b51cdb20cf6563cf46027cbb174cbf9e1ebc8e38e3df644c074
SSDEEP

24576:C8JaBU77hHXbphz71sbABV2jR6OsIu65C4YKOJSaJpzz4KyGqhXnKhWV7VtEyX4q:9U

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  2ca8426cae8047540cc2d95b3a72bea0_NeikiAnalytics.exe
- Size
  
  4.9MB
- MD5
  
  2ca8426cae8047540cc2d95b3a72bea0
- SHA1
  
  520f239e9815392d30af5747837ea19872db2c98
- SHA256
  
  7731a8d02694720ae2a3ee14eb8e8fdda8eae097da94c76d5994dbd37ecd7d3b
- SHA512
  
  fc895c4d19b62a73a6ccd8f5f40d36a4d4f4ee087008ad2909cac949a1abeec9b80cd947dbe00b51cdb20cf6563cf46027cbb174cbf9e1ebc8e38e3df644c074
- SSDEEP
  
  24576:C8JaBU77hHXbphz71sbABV2jR6OsIu65C4YKOJSaJpzz4KyGqhXnKhWV7VtEyX4q:9U
Score

7^/10

discovery spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer