General

  • Target

    9a9e3d0c4412049cc21f32a28ca2b260_NeikiAnalytics.exe

  • Size

    830KB

  • Sample

    240614-crfvha1hpc

  • MD5

    9a9e3d0c4412049cc21f32a28ca2b260

  • SHA1

    fc503e3aae0789bdb03484a20fa242fc64bf6ec6

  • SHA256

    76de4edc0644250b7ff9d46c94c988559188495ef51ce586a6167946c841ed5b

  • SHA512

    91ecd9fcc23504d7160d85ebf55f96714f1f2d2819a93aef08ad645de2308c98fd30211513fa72211a88bf09a73dce43c621e24025688302bb2ca22dc37923d6

  • SSDEEP

    24576:WPIaQ7kTm5Yt/sBlDqgZQd6XKtiMJYiPU:aIfYTp/snji6attJM

Targets

    • Target

      9a9e3d0c4412049cc21f32a28ca2b260_NeikiAnalytics.exe

    • Executes dropped EXE

    • Modifies file permissions

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • Drops file in System32 directory
