61e10a5fc344a592defbd97891bdae28683b369c36cbfe07dfb171e37297e327 | Triage

Sharing

General

Target

d50ccedb9716792b73c8ffe03d4d2190_NeikiAnalytics.exe
Size

830KB
Sample

240524-1nkw2scc6v
MD5

d50ccedb9716792b73c8ffe03d4d2190
SHA1

c5a18fd2f1a193d71ba8521cafc799bf2fd92c90
SHA256

61e10a5fc344a592defbd97891bdae28683b369c36cbfe07dfb171e37297e327
SHA512

f70f21fb1497bd9e4763ab3cfe359efa009f2469dd4e8dda1443bd79ca664a325220c83cfb841e00f447f91bea07042e1786d2509a4c282358f46936bbdf4772
SSDEEP

24576:SPIaQ7kTm5gSRQ5UOOU62FBnO+E222YJbNEUQKGOb:uIfYTl5UbU62FAQ228QKl

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  d50ccedb9716792b73c8ffe03d4d2190_NeikiAnalytics.exe
- Size
  
  830KB
- MD5
  
  d50ccedb9716792b73c8ffe03d4d2190
- SHA1
  
  c5a18fd2f1a193d71ba8521cafc799bf2fd92c90
- SHA256
  
  61e10a5fc344a592defbd97891bdae28683b369c36cbfe07dfb171e37297e327
- SHA512
  
  f70f21fb1497bd9e4763ab3cfe359efa009f2469dd4e8dda1443bd79ca664a325220c83cfb841e00f447f91bea07042e1786d2509a4c282358f46936bbdf4772
- SSDEEP
  
  24576:SPIaQ7kTm5gSRQ5UOOU62FBnO+E222YJbNEUQKGOb:uIfYTl5UbU62FAQ228QKl
Score

7^/10

discovery spyware stealer
- Executes dropped EXE
- Modifies file permissions
  discovery
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

discoveryspywarestealer