General

  • Target

    2171bf66b65f2eb9d57a0581cc3429a0_NeikiAnalytics.exe

  • Size

    1.4MB

  • Sample

    240525-1c2enabf22

  • MD5

    2171bf66b65f2eb9d57a0581cc3429a0

  • SHA1

    9c8d16abcc73a1ffd869f8bc775a671506eac84d

  • SHA256

    4850ce3e75ef4a7fd13243ac6afcf77745f826a3d31ea8b89938385a951764b7

  • SHA512

    bb765e7c610206d6472127f514c253d7bda6ecd35576e6f61b80b742b5c62252c0f8f34f2517121d17ffab4a05b47c9a9c6543dc52f51c37d6759f2d259001bd

  • SSDEEP

    24576:cFOaEJvKzcVkyEq9DRho1jFP8ltPP01Ws7+wFPEl9ix4fpUzoQDt+egElxdqFWVQ:soKzcCyEq9DRho/ctH01Ws74rA4RUBDc

Targets

    • Target

      2171bf66b65f2eb9d57a0581cc3429a0_NeikiAnalytics.exe

    • Modifies visibility of hidden/system files in Explorer

    • Modifies Installed Components in the registry

    • Sets file execution options in registry

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Registers COM server for autorun

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks system information in the registry

      System information is often read in order to detect sandboxing environments.

    • Drops file in System32 directory
