General

  • Target

    3da0bc358484f2e46af9b49477a02d30_NeikiAnalytics.exe

  • Size

    3.9MB

  • Sample

    240602-fzffgscc5t

  • MD5

    3da0bc358484f2e46af9b49477a02d30

  • SHA1

    627cc53b3500435a85a7450661b856c53dff6c4c

  • SHA256

    0e91834343c6661218e8a21db25d99929223c795391f8d619feeb578c0e62320

  • SHA512

    f53a68fea49f24434cd8a3f50be1581cc8d2256a6d9a7a5773fb4e1a1df89d18b78c8dfbd57fc7a3c53c65ab51d8823840ed534b2f749f79a1e37b68267c8e1d

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LB4B/bSqz8:sxX7QnxrloE5dpUprbVz8

Targets

    • Target

      3da0bc358484f2e46af9b49477a02d30_NeikiAnalytics.exe

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other profile data.

    • Adds Run key to start application
