General

  • Target

    5c295124c1627df6e1cbb0673074b6c0_NeikiAnalytics.exe

  • Size

    857KB

  • Sample

    240522-3wp7vadh64

  • MD5

    5c295124c1627df6e1cbb0673074b6c0

  • SHA1

    6ebb57549891bcec2f388842ff9cf60f24a90348

  • SHA256

    2782153911e1d7f2b0b9c003faa75e673db627c2f14c76c673c32cb0d47cfe56

  • SHA512

    d81152e5cb5554a002b76539f7198b441084f974ea7d740a0d38c41bb33ddde046b8767de5f77abb79d90125335f1de861842e269fc59c708935d353247d9620

  • SSDEEP

    24576:lq8zv2S3/dSbKA+e0tIPLzhMwQtSQWcikBQZ:7v7veqCLzhwEQWcPBM

Targets

    • Target

      5c295124c1627df6e1cbb0673074b6c0_NeikiAnalytics.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
