General

  • Target

    a8f7987b4114e89f5e85967062d68a10_NeikiAnalytics.exe

  • Size

    3.0MB

  • Sample

    240614-g4fsgsybjc

  • MD5

    a8f7987b4114e89f5e85967062d68a10

  • SHA1

    dc64a61ed47b02377af05a47a61835212cca8afd

  • SHA256

    67aca80de496f19d414a00de39a384b330fa0d93ab75138672cfbc6e53bc383e

  • SHA512

    c2a4398e1f61b664ccd23e2d2d1781118a6abfcd4a0235a8dfead763a853af1d09c182ba7b93a64b51a66df06059515e25864c150af4a781d4835418ff45af83

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBoB/bSqz8b6LNX:sxX7QnxrloE5dpUpfbVz8eLF

Targets

    • Target

      a8f7987b4114e89f5e85967062d68a10_NeikiAnalytics.exe

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
