General

  • Target

    c65634aabf6a4b2398df08d97f328cb0_NeikiAnalytics.exe

  • Size

    2.6MB

  • Sample

    240527-q7qljafg98

  • MD5

    c65634aabf6a4b2398df08d97f328cb0

  • SHA1

    955948db9d5f82e302dffa4fb9c3c7c07cef19ea

  • SHA256

    dba1d47ff3670773afe1d7d2ae3a46285dbcb7e378fc3056efdf4dffd38a33ee

  • SHA512

    3e0cad255162cab18dcc168a8b42bc51d7b9945a997f2ba630448bcd82ca7a69d41b69decc2b677c9bda0bdaa1d2ba0cc76afadc2bea0d4c17c0d83686176dff

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBQB/bS:sxX7QnxrloE5dpUp7b

Malware Config

Targets

    • Target

      c65634aabf6a4b2398df08d97f328cb0_NeikiAnalytics.exe

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
