General

  • Target

    9012a5b6cfafc1989a62b3828b02fcc0_NeikiAnalytics.exe

  • Size

    400KB

  • Sample

    240608-f6knsahd8t

  • MD5

    9012a5b6cfafc1989a62b3828b02fcc0

  • SHA1

    45e1abb59ee705b3a4813218920614f042804e0b

  • SHA256

    65d7ba9309250bb9afc0708123a57ff483749e4599d30b5e3456cfae37628e46

  • SHA512

    9558869b4de636057b63b7ce0643ba5e37b80734c84b2ff47844f9de7b2e0ba7161fb9f5644bd0ccc7de5eccb5fd150c4217a8dc591ad975307da6b4e8590372

  • SSDEEP

    6144:9rTfUHeeSKOS9ccFKk3Y9t9YOACaA8COmjFp9nO:9n8yN0Mr8OAZA8COm/o

Malware Config

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
