General

  • Target

    5066cb38175161a8636ef918df804b20_NeikiAnalytics.exe

  • Size

    2.6MB

  • Sample

    240613-av1b7s1ckm

  • MD5

    5066cb38175161a8636ef918df804b20

  • SHA1

    7a0b7ab72119661853c8e6e5b1589e93ea08f8e0

  • SHA256

    8ec4d8607879ef302ab07eb047db673d7725ca7bf115653a3ffb61f95df1bf5f

  • SHA512

    07d34928722b79b849f0476689499401acda4e541452897b1d37e8c663b8770e8c3675f30e4f7ebddc8ffbe3a1889499e986b70a911b4c53b9717dff9a99f2c1

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBNB/bS:sxX7QnxrloE5dpUpab

Targets

    • Target

      5066cb38175161a8636ef918df804b20_NeikiAnalytics.exe

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
