General

  • Target

    cdaa45cc9fc163b174d3ed6b716ff440_NeikiAnalytics.exe

  • Size

    1.3MB

  • Sample

    240608-qx4emsca8s

  • MD5

    cdaa45cc9fc163b174d3ed6b716ff440

  • SHA1

    d0021783ca28ff18e478543dcfc4ca4b308bfb0b

  • SHA256

    d668e7f1296d196c6d67532b8cc68a640ee633ba9fff6ba5c3538ffc2c763573

  • SHA512

    f0d86aedc000b9ba010d77940b9f4b6f4ee1d937914022e7a266613b7777be7ee8b2a17dc9683de24dd3c541841840c696e88bad72a4614b8bdafd7ab58b22c3

  • SSDEEP

    24576:86VGqXx67owU/qU7TV815UAeVrPYuKl9Ki37bg748qqCRbUx1CznI1v:5VGqx67g7I0pYu+Ngs8q9bUxA7I1v

Targets

    • Target

      cdaa45cc9fc163b174d3ed6b716ff440_NeikiAnalytics.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
