General

  • Target

    53b6893275b0d30ae7e849bc35c83770_NeikiAnalytics.exe

  • Size

    491KB

  • Sample

    240602-jksn2sfb8t

  • MD5

    53b6893275b0d30ae7e849bc35c83770

  • SHA1

    d1cb16698912c6f2010ee71d29821f3f07872014

  • SHA256

    d8618afa0475685bf2565c71ac891c8461b6acd6a193def71430dcc5171aca74

  • SHA512

    e4bfb55288669c39707c4986172c3a0597d8e1c9f0b875ffc007da83bfe613e708e23cf9b2ccaab002b7642196019cc19e7c644e5e66361077f0e759017671e3

  • SSDEEP

    12288:vtOqVJIzLKZYBiEZX7yU9gb+WE7Z9qCHmaJ8IIPZ:gO62ZYzPWE7Z9JGaJruZ

Targets

    • Target

      53b6893275b0d30ae7e849bc35c83770_NeikiAnalytics.exe

    • Size

      491KB

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
