55a6680943aae16c189001f3566dccf20f7a80ca829e12a211432c9d3c2d20db | Triage

Sharing

General

Target

0de3f1ee1da6ffcb52540daa79453010_NeikiAnalytics.exe
Size

569KB
Sample

240521-zqm9hsac7s
MD5

0de3f1ee1da6ffcb52540daa79453010
SHA1

77ad40eeb4e5dc0da0de7820f0dd72ee758c6425
SHA256

55a6680943aae16c189001f3566dccf20f7a80ca829e12a211432c9d3c2d20db
SHA512

01d11be57398424964b0c33d24f01daec6daaef9bb9f7d5dfe427e6fa8af5965d05c37bac1edbc8253ca42fe53758b1e1bb512b0d30f0078b4a79f9e37e79b35
SSDEEP

12288:NpJcShRZhRUQ4hK137WTh0tFhfa+WHjpcf2E1eR4IrxwV:NpySZjQE13STh0tFda+CtcfR1eR

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  0de3f1ee1da6ffcb52540daa79453010_NeikiAnalytics.exe
- Size
  
  569KB
- MD5
  
  0de3f1ee1da6ffcb52540daa79453010
- SHA1
  
  77ad40eeb4e5dc0da0de7820f0dd72ee758c6425
- SHA256
  
  55a6680943aae16c189001f3566dccf20f7a80ca829e12a211432c9d3c2d20db
- SHA512
  
  01d11be57398424964b0c33d24f01daec6daaef9bb9f7d5dfe427e6fa8af5965d05c37bac1edbc8253ca42fe53758b1e1bb512b0d30f0078b4a79f9e37e79b35
- SSDEEP
  
  12288:NpJcShRZhRUQ4hK137WTh0tFhfa+WHjpcf2E1eR4IrxwV:NpySZjQE13STh0tFda+CtcfR1eR
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2