General

  • Target

    9cca9fb9cb1a86583722783860a43090_NeikiAnalytics.exe

  • Size

    2.6MB

  • Sample

    240603-fy4fxsea52

  • MD5

    9cca9fb9cb1a86583722783860a43090

  • SHA1

    962016cb7b03e41965e9f5251890f0c6b4b08366

  • SHA256

    70e75895c6e2320c686ec60d419164736b5a10599486386b5f036ad7dcac3502

  • SHA512

    2ff74d4ab0057da5a0ce616d2b73b281a1ff53011c739e4c5a0a034fce35681a2b6bed28b56af626609d9b29d5170a98d9dc7b41ef093346b43f291557687e93

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBNB/bS:sxX7QnxrloE5dpUpSb

Malware Config

Targets

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
