General

  • Target

    5c08244a62b4d0b537912c76aac4c750_NeikiAnalytics.exe

  • Size

    2.6MB

  • Sample

    240613-eddt4axamm

  • MD5

    5c08244a62b4d0b537912c76aac4c750

  • SHA1

    2043dd2595bb5ade66993ef8950454f842beba16

  • SHA256

    026c597d45d928e26b89bf7931592333194b8771ae0c3fba0c57f1a3add20f3f

  • SHA512

    7a0bc94224f729645904a2c6236ba784276155b0b209e3a3948debfdb299b1890ee20afad997d9e5b825b71be8eb770ae924864645f63da4d393da8d86027d9b

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBbB/bS:sxX7QnxrloE5dpUpIb

Targets

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other data.

    • Adds Run key to start application
