General

  • Target

    4cdb3dfa19737f4f138c96ca088d4be0_NeikiAnalytics.exe

  • Size

    237KB

  • Sample

    240607-l55kfsef4y

  • MD5

    4cdb3dfa19737f4f138c96ca088d4be0

  • SHA1

    3d0e106b6a9ebfef6573c23f55ed78016dfbe092

  • SHA256

    74cb8a70d55d2760735b1794c8dab545a51e0e3272b728e451f74f5aa1815373

  • SHA512

    95b7030e175a4b9e7ffa99489479e27865a8eb0da878c9a20f7f67536024ab34a11c60415f7c0a2219f3b0b9c7448d334067b13e6b3a53d8673244ecefcef39d

  • SSDEEP

    6144:YjluQoStIo5R4nM/40yJfnD7fp2ZaxHKLnKgpmr94LUEppWoV:YEQoSnqhvD7fwZdLK7x8V

Malware Config

Targets

    • Target

      4cdb3dfa19737f4f138c96ca088d4be0_NeikiAnalytics.exe

    • Size

      237KB

    • MD5

      4cdb3dfa19737f4f138c96ca088d4be0

    • SHA1

      3d0e106b6a9ebfef6573c23f55ed78016dfbe092

    • SHA256

      74cb8a70d55d2760735b1794c8dab545a51e0e3272b728e451f74f5aa1815373

    • SHA512

      95b7030e175a4b9e7ffa99489479e27865a8eb0da878c9a20f7f67536024ab34a11c60415f7c0a2219f3b0b9c7448d334067b13e6b3a53d8673244ecefcef39d

    • SSDEEP

      6144:YjluQoStIo5R4nM/40yJfnD7fp2ZaxHKLnKgpmr94LUEppWoV:YEQoSnqhvD7fwZdLK7x8V

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely to geofence execution to (or away from) particular countries.

    • Reads user/profile data of web browsers

      Infostealers commonly target stored browser data, which can include saved credentials, cookies and autofill entries.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified variant of it.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks