General

  • Target

    9ca51573e0cb4304882be55258b1ed00_NeikiAnalytics.exe

  • Size

    4.0MB

  • Sample

    240603-fvzzbscf5z

  • MD5

    9ca51573e0cb4304882be55258b1ed00

  • SHA1

    ec607436a3d3e9aabec51898ac78d8af5a2d803c

  • SHA256

    6a41d47b3f94005cc814cded312af52f35dfbc38f402840581ffabe1fe2f3b9d

  • SHA512

    a9b46880234eb859150edd23d292bd5eeb736574501a37aa8f6599f0ba3bed99afec5a361f2314d97e568ae0a00e02b7798f91569ffb5237b792e0bfbf13b520

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBGB/bSqz8b6LNXJqI20t:sxX7QnxrloE5dpUp5bVz8eLFcz

Targets

    • Target

      9ca51573e0cb4304882be55258b1ed00_NeikiAnalytics.exe

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
