57d35d41b7b5c4cc68a508ec0cddc3e596685f92951674ae80488eb2a4a87f31 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

07d2186ae2aa19f7b0d0b6aa1e703720_NeikiAnalytics.exe
Size

104KB
Sample

240609-avwzsaah2z
MD5

07d2186ae2aa19f7b0d0b6aa1e703720
SHA1

81e26b71dd5edc843a5d0d90ee7f44f6aa4bcb46
SHA256

57d35d41b7b5c4cc68a508ec0cddc3e596685f92951674ae80488eb2a4a87f31
SHA512

96477196b7015c511fe4325698047404bcf8bd8d4f7357f2e16139a1c03acc82431a4f71719cdaeb7a35b17c432901dd824abc36a57c9bc08162df54a942b799
SSDEEP

3072:th85+Ksp8qtKQ7bCYUAVCBbaXGjdJgJNyyFJqnfa4hL:thw+7pDrbVCBbJj/Lg4nfaiL

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  07d2186ae2aa19f7b0d0b6aa1e703720_NeikiAnalytics.exe
- Size
  
  104KB
- MD5
  
  07d2186ae2aa19f7b0d0b6aa1e703720
- SHA1
  
  81e26b71dd5edc843a5d0d90ee7f44f6aa4bcb46
- SHA256
  
  57d35d41b7b5c4cc68a508ec0cddc3e596685f92951674ae80488eb2a4a87f31
- SHA512
  
  96477196b7015c511fe4325698047404bcf8bd8d4f7357f2e16139a1c03acc82431a4f71719cdaeb7a35b17c432901dd824abc36a57c9bc08162df54a942b799
- SSDEEP
  
  3072:th85+Ksp8qtKQ7bCYUAVCBbaXGjdJgJNyyFJqnfa4hL:thw+7pDrbVCBbJj/Lg4nfaiL
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer