General

  • Target

    5c0c2fc69656e74ab8edbe36b8e9ef20_NeikiAnalytics.exe

  • Size

    467KB

  • Sample

    240613-edp75axanq

  • MD5

    5c0c2fc69656e74ab8edbe36b8e9ef20

  • SHA1

    7fce94f7f5babda85ad0aed3ddf179484f30f287

  • SHA256

    849f94425211387b7ee32ce2959c35102b76834cdc4a31f207f8b35b53fee6d0

  • SHA512

    999cd699dc13913c651a393446442db12287b1d8c6c40179aa77a694a482d0c3e87d0ade6776fbdec17c43a263a26f190071fb0fc6f7ee39c0aa89fca4188db1

  • SSDEEP

    6144:/rTfUHeeSKOS9ccFKk3Y9t9YZaCGUeKJCCrwqzOD:/n8yN0Mr8ZxvBMqzy

Malware Config

Targets

    • Target

      5c0c2fc69656e74ab8edbe36b8e9ef20_NeikiAnalytics.exe

    • Size

      467KB

    • MD5

      5c0c2fc69656e74ab8edbe36b8e9ef20

    • SHA1

      7fce94f7f5babda85ad0aed3ddf179484f30f287

    • SHA256

      849f94425211387b7ee32ce2959c35102b76834cdc4a31f207f8b35b53fee6d0

    • SHA512

      999cd699dc13913c651a393446442db12287b1d8c6c40179aa77a694a482d0c3e87d0ade6776fbdec17c43a263a26f190071fb0fc6f7ee39c0aa89fca4188db1

    • SSDEEP

      6144:/rTfUHeeSKOS9ccFKk3Y9t9YZaCGUeKJCCrwqzOD:/n8yN0Mr8ZxvBMqzy

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks