General

  • Target

    89f69204643869673379c0d78a7c7cf0_NeikiAnalytics.exe

  • Size

    2.7MB

  • Sample

    240601-cw6lqafd77

  • MD5

    89f69204643869673379c0d78a7c7cf0

  • SHA1

    93941df5825f96c22ed057fa01d4b68f9e57e862

  • SHA256

    7019a9f00e7e55a36c6b9a159226dff6efbbae0d141a6c1877321142f4e162e9

  • SHA512

    4ac19d0f02db8bf83b3fe3a09e63831ff434e1526c255125aab57993eb1a2752368302f0c9f6825b2d8cb1c2ddbe6d4d0c8f9c5a2e9a6dbde702495520ad6a7a

  • SSDEEP

    49152:+R0p8xHycIq+GI27nGroMPTJPer1c2HSjpjK3LB79w4Sx:+R0pI/IQlUoMPdmpSpv4

Targets

    • Target

      89f69204643869673379c0d78a7c7cf0_NeikiAnalytics.exe

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
