General

  • Target

    199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe

  • Size

    838KB

  • Sample

    240604-a84xjsgb99

  • MD5

    199500c3d34a43f4dbbb5cc35beff8c0

  • SHA1

    61939a26af8f833a2e371974bb8ae27a73468a56

  • SHA256

    bcf9fd3a24f8a9b939aebf10bba38a10882850ea11535fce1511c155f345571b

  • SHA512

    78640384d2aa4d9c7681d2c0c4e77946881652475c9f13ea51c6535910bf7cfb7e118a75f9906d2fb69ae59e1f8ea3bbe0cfc4be42290db62977a5ddf8b1013e

  • SSDEEP

    24576:bSLYF8q75HmwdfF+X84ivwWyA3U1+duLpplldUBw4y/L3:bx4wVoAvwWP3BdokBwl3

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence check.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile information.

    • UPX packed file

      Detects executables packed with UPX or a modified variant of the UPX open-source packer.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks