General

  • Target

    556e55c696c9cd1887cf52688197b060_NeikiAnalytics.exe

  • Size

    78KB

  • Sample

    240613-ceg7sszgrd

  • MD5

    556e55c696c9cd1887cf52688197b060

  • SHA1

    86211702d8d936baad4317eb371ac906e2e8b127

  • SHA256

    6f3c99fc3682d3a17e3f1916bddf296ae87e4c4e0aeb969c36a35f9a2f904132

  • SHA512

    b17a0da37821ceecc5761e15a34376cb17fc93f609b77f1c1d70c0a869feb7f2f1226327f6f15f5cc92d5dd8dfb596e83d781e815ffd3e6db0dcc81e6c9ca396

  • SSDEEP

    768:RpQNwC3BEddsEqOt/hyJF+x3BEJwRrPHisKl4qhr:7eTce/U/hKYuKPHisKldhr

Targets

    • Modifies visibility of file extensions in Explorer

    • Disables RegEdit via registry modification

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
