General

  • Target

    68cca3706cf94a4ab01e5348dc090160_NeikiAnalytics.exe

  • Size

    91KB

  • Sample

    240607-s651yaaf2v

  • MD5

    68cca3706cf94a4ab01e5348dc090160

  • SHA1

    d86312a22e2000f9358c892bfe7996a28727b0d6

  • SHA256

    921f18bdb63225ae82a72100c354723db372981a997d85a5d48bfe3745573008

  • SHA512

    abc0bd1c6dfa4bf4595ead42b901f9a7dacc9a43309cab76bcb8d8efeebecff7f5c386664a5e794bcacc491a22fcdd17c5826362e741bc061d4a5cebe8366cad

  • SSDEEP

    1536:N5VzcfA/6LrVpL74gfh16nV8TsKRVlCKXneQDr/RAvZ4ldtONCgMhoOJGP5eV2ea:/V2A/gVh74gpgV8+AjpU4loZ2yenox

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks