bf78813c8ad164b90229f801cfda6c7885251ae056d9c62994275cc930c75682 | Triage

Sharing

General

Target

5467f6562b47cc32166a5ead3cdf2a10_NeikiAnalytics.exe
Size

1.7MB
Sample

240522-26phmacf57
MD5

5467f6562b47cc32166a5ead3cdf2a10
SHA1

d47a7b72e6bfa6bd582b17d7b69edd458bcab4d1
SHA256

bf78813c8ad164b90229f801cfda6c7885251ae056d9c62994275cc930c75682
SHA512

53b4d7654030081af8a3791ab314a33a895a72fd3b91e594ab359270080a7d4b24aa4f46b91a887bf1d80096d7994227a1e580fb82b519ceccefb67b37943578
SSDEEP

24576:Cm3YCdCTYlT8NDFKYmKOF0zr31JwAlcR3QC0OXxc0H:H3YCUTYgDUYmvFur31yAipQCtXxc0H

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  5467f6562b47cc32166a5ead3cdf2a10_NeikiAnalytics.exe
- Size
  
  1.7MB
- MD5
  
  5467f6562b47cc32166a5ead3cdf2a10
- SHA1
  
  d47a7b72e6bfa6bd582b17d7b69edd458bcab4d1
- SHA256
  
  bf78813c8ad164b90229f801cfda6c7885251ae056d9c62994275cc930c75682
- SHA512
  
  53b4d7654030081af8a3791ab314a33a895a72fd3b91e594ab359270080a7d4b24aa4f46b91a887bf1d80096d7994227a1e580fb82b519ceccefb67b37943578
- SSDEEP
  
  24576:Cm3YCdCTYlT8NDFKYmKOF0zr31JwAlcR3QC0OXxc0H:H3YCUTYgDUYmvFur31yAipQCtXxc0H
Score

7^/10

discovery spyware stealer
- Executes dropped EXE
- Modifies file permissions
  discovery
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

discoveryspywarestealer