General

  • Target

    16dc52632f5a03360b91a31fb16e3120_NeikiAnalytics.exe

  • Size

    560KB

  • Sample

    240609-jtsqeafh4v

  • MD5

    16dc52632f5a03360b91a31fb16e3120

  • SHA1

    f24bba1c3d306b1ac0dc62268eea80be6070099a

  • SHA256

    b6086ac8659b750ccbc227c8aa177949847b733403982b3548cf65a385c1afd4

  • SHA512

    03bbb94f38a9c4ea808d18107bfb0491d52c948c101dbd42c8702d85ebfb3f45f728a2c8ca669ee81a017b7a57dd9de7f5dfc0910dd53c9bb68c53171da24e71

  • SSDEEP

    12288:YEQoSnqhxQl9ov94KpTUgRcZ1m4J02pYq+TU65ZWlkYdQdgqRXKq2mCr:YoxwWvXGgRw1BboWx1qBKHr

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks