General

  • Target

    1a095d40206c6e0bd7024575584424b0_NeikiAnalytics.exe

  • Size

    3.6MB

  • Sample

    240602-bk1ewsdf7w

  • MD5

    1a095d40206c6e0bd7024575584424b0

  • SHA1

    4cbc5d6130caea97c87409c8dd8980226ce3b917

  • SHA256

    ac8ce04ef4b46034277bbf627ae9decb8f048baa5a72bc2b9836ff07f0fd40c1

  • SHA512

    600982ee357c41639ad5cff7e60ec0e55118facd3124506f8b33a98058a588a1d1c83afab65620d76b1f8ce478cacce8daf86735da83c11dcb54516df3bbcb4e

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBDB/bSqz8:sxX7QnxrloE5dpUp4bVz8

Malware Config

Targets

    • Target

      1a095d40206c6e0bd7024575584424b0_NeikiAnalytics.exe

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
