General

  • Target

    028c3c04a24b14be11d3bb65fb2e0830_NeikiAnalytics.exe

  • Size

    2.7MB

  • Sample

    240601-2bpj5sgg4z

  • MD5

    028c3c04a24b14be11d3bb65fb2e0830

  • SHA1

    46982ad23022b8fe2874c76c8634f9af674e43bb

  • SHA256

    ad908f4d9877eba820d6870ee106cae17cef578ef5739d250e259d84b967d153

  • SHA512

    cb907719d460d08845683175a578a424a861770517699d850694546a11ca55284e8817ba2c5cff6d2e778e312ee8d9e6651f93da31e14e85347734735e699482

  • SSDEEP

    49152:+R0p8xHycIq+GI27nGroMPTJPer1c2HSjpjK3LBe9w4Sx:+R0pI/IQlUoMPdmpSp04

Malware Config

Targets

    • Target

      028c3c04a24b14be11d3bb65fb2e0830_NeikiAnalytics.exe

    • Size

      2.7MB

    • MD5

      028c3c04a24b14be11d3bb65fb2e0830

    • SHA1

      46982ad23022b8fe2874c76c8634f9af674e43bb

    • SHA256

      ad908f4d9877eba820d6870ee106cae17cef578ef5739d250e259d84b967d153

    • SHA512

      cb907719d460d08845683175a578a424a861770517699d850694546a11ca55284e8817ba2c5cff6d2e778e312ee8d9e6651f93da31e14e85347734735e699482

    • SSDEEP

      49152:+R0p8xHycIq+GI27nGroMPTJPer1c2HSjpjK3LBe9w4Sx:+R0pI/IQlUoMPdmpSp04

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks