General

  • Target

    4b36f3303cd36b5460609986c7270670_NeikiAnalytics.exe

  • Size

    3.0MB

  • Sample

    240612-2zmepaxgrn

  • MD5

    4b36f3303cd36b5460609986c7270670

  • SHA1

    a5e4f5b30ed8574385583a6297555a008c6e6f3a

  • SHA256

    b80f65929da3c67a85a0322b941813d23fdb4413d212c7fdd86a64fc6702128e

  • SHA512

    20d95a3b72509404a664cb98a02879575d4ec580eb1f27c5c9a55b55c2eadb25b753767010c2a469c714b0b6f43658a4f132fd55e392f356f1141b9c6d52a0a2

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBbB/bSqz8b6LNX:sxX7QnxrloE5dpUpobVz8eLF

Targets

    • Target

      4b36f3303cd36b5460609986c7270670_NeikiAnalytics.exe

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application
