General

  • Target

    50dc838f909c3f2772c8ffa84dba5940_NeikiAnalytics.exe

  • Size

    2.6MB

  • Sample

    240613-a1e88axdqe

  • MD5

    50dc838f909c3f2772c8ffa84dba5940

  • SHA1

    cbdc80d4aa5f240a6c9453dd438018e8792e42ca

  • SHA256

    3fb57e31e644e15ad5de68b1906f938576a0769291c231bba2f0500114c4e56b

  • SHA512

    c8276e0fca84a67e39fab9fc9f7dd3cfe7b6d7ee1df49e24dda21272c2f50b8f504c9116d39a5978f0b611d8473cee0c74e222d11b75e1e556366732f98bc1c8

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBvB/bS:sxX7QnxrloE5dpUpUb

Targets

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other data.

    • Adds Run key to start application
