General

  • Target

    49dfd2e25c43861f4d5f6961ba5ac600_NeikiAnalytics.exe

  • Size

    3.1MB

  • Sample

    240602-hgc9hsee75

  • MD5

    49dfd2e25c43861f4d5f6961ba5ac600

  • SHA1

    32e4c76bdd083579a1c0feb27f03f60ef268e0ec

  • SHA256

    cf448b9294c17a21008178636ad6ee4f9a5fd73be256681a7905b98689f8f301

  • SHA512

    a4878d6b3bddf6ad09d578c134b79610eb457d2855630e08852a208d9cf709ca20d78759f6e5e3ca84f94dc67eb94aadbc6c6ec724831802114ee77138eb7110

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBuB/bSqz8b6LNXJqI:sxX7QnxrloE5dpUpJbVz8eLFc

Targets

    • Target

      49dfd2e25c43861f4d5f6961ba5ac600_NeikiAnalytics.exe

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
