General

  • Target

    3d8978a2d53a0eba6bc673c587b05160_NeikiAnalytics.exe

  • Size

    3.2MB

  • Sample

    240602-fywq3scg67

  • MD5

    3d8978a2d53a0eba6bc673c587b05160

  • SHA1

    b78fae57b7894b785741efaa463d7026ee0329be

  • SHA256

    85081967b6e61f3241d76a9d84e8daa72d50c04dd742fd604644ccbbc9807b04

  • SHA512

    cc2440ea51e617810640799ded00476c5ca90e27fe8199506762fb84bea5078a49e07a16ba8f940cc5317fba1d3ff6384b97355bc6a117a4d02420973e89cc55

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBdB/bSqz8b6LNXJqI20t:sxX7QnxrloE5dpUp2bVz8eLFcz

Targets

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application
