General

  • Target

    2363f05ff6196fff6e544cfb7a8cea40_NeikiAnalytics.exe

  • Size

    3.6MB

  • Sample

    240611-cdwnsszhpk

  • MD5

    2363f05ff6196fff6e544cfb7a8cea40

  • SHA1

    5163e196178785c2812991a897e9a30384167b1a

  • SHA256

    3e3f725e0b29a7b7c9918178dead0645cca6ab41fa2b25bed666c31b39583537

  • SHA512

    941491303a4435cc5f989567bf0193eb634bd2848ad2bd35522280e1198e59838414f5fdcc9d5837aa1a3aaa970f178b6024e4774ed84b9394ad444a1142ab8f

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBSB/bSqz8b6LNXJqI20t:sxX7QnxrloE5dpUpRbVz8eLFcz

Targets

    • Target

      2363f05ff6196fff6e544cfb7a8cea40_NeikiAnalytics.exe

    • Size

      3.6MB

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other things.

    • Adds Run key to start application
