Overview

overview

7

Static

static

3

6ffc39a944...cs.exe

windows7-x64

7

6ffc39a944...cs.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6ffc39a9444675930e372e52ae5dc710_NeikiAnalytics.exe

  • Size

    665KB

  • Sample

    240523-b46q1sha8w

  • MD5

    6ffc39a9444675930e372e52ae5dc710

  • SHA1

    18406e2f2be926c7a82388a904a5b1c7dc97322f

  • SHA256

    eb033fdba9c0d23de6dd671a6bbaad132d7a5d840937675100a49f1d327ee055

  • SHA512

    a1fb36e133c5a4d7e08615fdb94c39e09812f7b6bc2e5b12630249929fa577baea0bfce115c543bf2c8583d3c138cbfb21d54605c2879c16d34c37e6761d3367

  • SSDEEP

    12288:3/nUHbC/V7CUMAdB8qr0zw9iXQ40AOzDr5YJjsF/5v3ZkHRik8L:3s7CAatr0zAiX90z/F0jsFB3SQkY

Score
7/10
spywarestealer

Malware Config

Targets

    • Target

      6ffc39a9444675930e372e52ae5dc710_NeikiAnalytics.exe

    • Size

      665KB

    • MD5

      6ffc39a9444675930e372e52ae5dc710

    • SHA1

      18406e2f2be926c7a82388a904a5b1c7dc97322f

    • SHA256

      eb033fdba9c0d23de6dd671a6bbaad132d7a5d840937675100a49f1d327ee055

    • SHA512

      a1fb36e133c5a4d7e08615fdb94c39e09812f7b6bc2e5b12630249929fa577baea0bfce115c543bf2c8583d3c138cbfb21d54605c2879c16d34c37e6761d3367

    • SSDEEP

      12288:3/nUHbC/V7CUMAdB8qr0zw9iXQ40AOzDr5YJjsF/5v3ZkHRik8L:3s7CAatr0zAiX90z/F0jsFB3SQkY

    Score
    7/10
    spywarestealer

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

1
T1552

Credentials In Files

1
T1552.001

Discovery

Query Registry

1
T1012

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks