General

  • Target

    9ca37fd0b022570c9c09f947a6e64840_NeikiAnalytics.exe

  • Size

    3.0MB

  • Sample

    240603-fvlrpscf4y

  • MD5

    9ca37fd0b022570c9c09f947a6e64840

  • SHA1

    7a87232382d5fdba58ef30eb4ea99890f79629ef

  • SHA256

    1b534ac321013165f5de83e6ecb1168f5208e72547fa27deecbfb994f87ecc17

  • SHA512

    51e2635b638d4ad3a5604bf23e80d654d2c4ac1b9faa77f9bd2528b717effa7082be76b1a9d30d9b8ea7fb1af329c37409bd4d59b66bba6d1e1a0eb47528579e

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LB9B/bSqz8b6LNX:sxX7QnxrloE5dpUp2bVz8eLF

Targets

    • Target

      9ca37fd0b022570c9c09f947a6e64840_NeikiAnalytics.exe

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
