General

  • Target

    5a0861fcea3df7725076f609e1c04fa0_NeikiAnalytics.exe

  • Size

    3.6MB

  • Sample

    240613-drlanawcql

  • MD5

    5a0861fcea3df7725076f609e1c04fa0

  • SHA1

    0a65acfe7c85e40f7bbec326950671841b9e3634

  • SHA256

    cec4f0f681ba56db89bdccc1a490c9f310fe795b6d8653d3726ad0bc44e80e54

  • SHA512

    479bb9d2ff82b3c75ce9517def0311c2e389a1f2c40989b7a85be221b487a84355495e24827ae1c72b7c2889e4f90bafb3d0c5dc2dc34bb210183c2f5f1f6586

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBJB/bSqz8b6LNXJqI20t:sxX7QnxrloE5dpUp+bVz8eLFcz

Targets

    • Target

      5a0861fcea3df7725076f609e1c04fa0_NeikiAnalytics.exe

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, such as saved credentials.

    • Adds Run key to start application
