e3e99e31c614ccbd645156b25469d87c139003814fc0975a1a530f8ece39822c | Triage

Sharing

General

Target

7d4811b28f75404e7b666bb10651af50_NeikiAnalytics.exe
Size

632KB
Sample

240523-dfyfvabf47
MD5

7d4811b28f75404e7b666bb10651af50
SHA1

efe8751b4c3df9e6bbb336b0c435228831031bff
SHA256

e3e99e31c614ccbd645156b25469d87c139003814fc0975a1a530f8ece39822c
SHA512

a854b9d140946d5e3c545a155120a88ec405fc598275240c8feaf6b17f2ad8c4b942751f4da67678d817d1c4c0607835a839321af999c6cadf22d8858d7020ed
SSDEEP

12288:+58JKQ1uBeAMlwesHU8wqy2VYCIbvpOBlU1RlgIDMCZgjtGlxHZ9/I:eJ1SwPHU8X31PfU17DhZy0lxHZ9/I

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  7d4811b28f75404e7b666bb10651af50_NeikiAnalytics.exe
- Size
  
  632KB
- MD5
  
  7d4811b28f75404e7b666bb10651af50
- SHA1
  
  efe8751b4c3df9e6bbb336b0c435228831031bff
- SHA256
  
  e3e99e31c614ccbd645156b25469d87c139003814fc0975a1a530f8ece39822c
- SHA512
  
  a854b9d140946d5e3c545a155120a88ec405fc598275240c8feaf6b17f2ad8c4b942751f4da67678d817d1c4c0607835a839321af999c6cadf22d8858d7020ed
- SSDEEP
  
  12288:+58JKQ1uBeAMlwesHU8wqy2VYCIbvpOBlU1RlgIDMCZgjtGlxHZ9/I:eJ1SwPHU8X31PfU17DhZy0lxHZ9/I
Score

7^/10

spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2