General

  • Target

    191454eeb335a094c197c5f65025f6a0_NeikiAnalytics.exe

  • Size

    400KB

  • Sample

    240602-bgqfhsea75

  • MD5

    191454eeb335a094c197c5f65025f6a0

  • SHA1

    796cc9823c9b9b907d446c0bedea02e690f15e1a

  • SHA256

    f39b169eb28cc28c564d4c126ea4591756ad25a2b2af882918c5735e32d85ae1

  • SHA512

    7697c7a979c8e9aa6d25d9e2cdae2dfc403d28fb49908885b88dddf4f1a8becdca07394fa80ebdc364a0bd285907460411f909e14d0146033b84019379cf18b1

  • SSDEEP

    6144:9rTfUHeeSKOS9ccFKk3Y9t9YU4u4p/M4rwh+PjRE+2T2K:9n8yN0Mr8UD4pE4mpr

Targets

    • Target

      191454eeb335a094c197c5f65025f6a0_NeikiAnalytics.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar secrets.

    • Adds Run key to start application
