General

  • Target

    66a4a9c2dff2489bdca689cebdb50b90_NeikiAnalytics.exe

  • Size

    774KB

  • Sample

    240607-srmwtabc88

  • MD5

    66a4a9c2dff2489bdca689cebdb50b90

  • SHA1

    4ea05bb8caac3a2b0a9a12d2d6d9a4c54b79db25

  • SHA256

    cbf1172d71d10185ea75796637235b4f98773648119601e06160fde6becc9968

  • SHA512

    3ec5b7c0c9247a761ae88e0178ad97b0833720ba0d58caa04ac0c65dd3c43dc8a8c0e9641969457f54e2fade2acbc70fc38475dbf954501bc14e6398a397feff

  • SSDEEP

    24576:ggqhsuX0BiWUwUSzGxDKQ/5ii0Ht4LJLZAKh3:7qhsuXGtU7g0Oup0H6LJLLh3

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and session tokens.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX variant.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15