General

  • Target

    a4f8186bb1cb8baa32a3e15211c1ff00_NeikiAnalytics.exe

  • Size

    3.6MB

  • Sample

    240603-qqxnhshd38

  • MD5

    a4f8186bb1cb8baa32a3e15211c1ff00

  • SHA1

    f795b45887a1c54f3dd1995d34333c18b5d9df91

  • SHA256

    8d717947ef3ba6a5263d1669c23d50fbbb0ae8d0dedc0d788cc493c976a4999c

  • SHA512

    46c5bea7075bf7d42b1f3cfff0cf876c726f5844c84895dea02084a8a3b650f2a95342efd3d1431b946d969c5e0ff655148697d0075ee209f3c96376e77f2a58

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LB1B/bSqz8:sxX7QnxrloE5dpUpSbVz8

Targets

    • Target

      a4f8186bb1cb8baa32a3e15211c1ff00_NeikiAnalytics.exe

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • Adds Run key to start application
