1f89b4d48b0952948a3e1bafc3a932dbf73621f69788b2ad5369e63eee2e7adb | Triage

Sharing

General

Target

25b2c8f34788d11c36b2d65b5cd2ab40_NeikiAnalytics.exe
Size

1.9MB
Sample

240523-ekqggadb8v
MD5

25b2c8f34788d11c36b2d65b5cd2ab40
SHA1

944488e0515b367fa12e856643cb7b3e72903ad6
SHA256

1f89b4d48b0952948a3e1bafc3a932dbf73621f69788b2ad5369e63eee2e7adb
SHA512

3dc6291bb7592ee53c77ed3f1db689adc897ce60b96600588f35c7b7a2e606a1062cf779cf8bb55e0b582d288b543fbb82cbd897b39aba6c9755ac0e08bbe80d
SSDEEP

24576:S78r8FfC3R32nUnCdAaKuSRnOiIsqjnhMgeiCl7G0nehbGZpbD:S/fQR37CGa6p0Dmg27RnWGj

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  25b2c8f34788d11c36b2d65b5cd2ab40_NeikiAnalytics.exe
- Size
  
  1.9MB
- MD5
  
  25b2c8f34788d11c36b2d65b5cd2ab40
- SHA1
  
  944488e0515b367fa12e856643cb7b3e72903ad6
- SHA256
  
  1f89b4d48b0952948a3e1bafc3a932dbf73621f69788b2ad5369e63eee2e7adb
- SHA512
  
  3dc6291bb7592ee53c77ed3f1db689adc897ce60b96600588f35c7b7a2e606a1062cf779cf8bb55e0b582d288b543fbb82cbd897b39aba6c9755ac0e08bbe80d
- SSDEEP
  
  24576:S78r8FfC3R32nUnCdAaKuSRnOiIsqjnhMgeiCl7G0nehbGZpbD:S/fQR37CGa6p0Dmg27RnWGj
Score

7^/10

spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1