General

  • Target

    3a20f94536e9bf91a4f57b6e0171b620_NeikiAnalytics.exe

  • Size

    705KB

  • Sample

    240612-pj6geaybpm

  • MD5

    3a20f94536e9bf91a4f57b6e0171b620

  • SHA1

    44cee2e7d5f310af0b51aff2493210c6e0ada6d2

  • SHA256

    8bc74995132f1c85b49ddabb41fde191d4dc4e35a3134c2c9c08a45ab74d672a

  • SHA512

    adbd0f688e6fff59522999e2852d4215ae633c64784283dbd618d0c24b2dde8607dd8eaa6217312019bd573d9833345964e795436dcb5c19a417c9310b97f2fe

  • SSDEEP

    12288:/n8yN0Mr8ZSj63hgD1ZiYZyWNfQnP+Q1oHiRB3mkbrVyQ:vPuZo63i26fQP+k2mB3zFyQ

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • Adds Run key to start application
