General

  • Target

    87539b262882915ee5e8b863fccea410_NeikiAnalytics.exe

  • Size

    1.4MB

  • Sample

    240523-p37htabc24

  • MD5

    87539b262882915ee5e8b863fccea410

  • SHA1

    1588f339647b7603b2418b05a80aab334f75e89d

  • SHA256

    52350936a08be514f83eaaead34623358b61a368d8c331b03f757ac24c821706

  • SHA512

    d0da8dad1a8ba392bb5c5b92d37e511efac91469c83c9373b750d6484d8ab8d0b88d536da62e4dc093fef939ed39cca5f7d4fecca076f7e9d0fb588919a504e3

  • SSDEEP

    24576:zQ5aILMCfmAUjzX677WOMcT/X2dI7T2FAoUcUOp6doF5ES/o4E:E5aIwC+Agr6tdlmU1/eo4E

Malware Config

Targets

    • Target

      87539b262882915ee5e8b863fccea410_NeikiAnalytics.exe

    • Size

      1.4MB

    • MD5

      87539b262882915ee5e8b863fccea410

    • SHA1

      1588f339647b7603b2418b05a80aab334f75e89d

    • SHA256

      52350936a08be514f83eaaead34623358b61a368d8c331b03f757ac24c821706

    • SHA512

      d0da8dad1a8ba392bb5c5b92d37e511efac91469c83c9373b750d6484d8ab8d0b88d536da62e4dc093fef939ed39cca5f7d4fecca076f7e9d0fb588919a504e3

    • SSDEEP

      24576:zQ5aILMCfmAUjzX677WOMcT/X2dI7T2FAoUcUOp6doF5ES/o4E:E5aIwC+Agr6tdlmU1/eo4E

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

    • Trickbot x86 loader

      Detected Trickbot's x86 loader that unpacks the x86 payload.

    • Stops running service(s)

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks