General

  • Target

    a9a0ab0dc7c381cf0e7cde347744dee0_NeikiAnalytics.exe

  • Size

    4.1MB

  • Sample

    240614-hbw5faydlg

  • MD5

    a9a0ab0dc7c381cf0e7cde347744dee0

  • SHA1

    348e12ee1dc1f43ca3604af8d50ce90c447db379

  • SHA256

    93f7111af91cf56c3770d5c7157fc88349c2ba835c005994a5584b3e39742dff

  • SHA512

    2e08977678df38457d29fafa17aa5413a97da081044a946accabc32816103d7723bb68d499270d31df4089a8f514690114d310487190da0f907a0aa31cb05092

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBTB/bSqz8b6LNXJqI20t:sxX7QnxrloE5dpUpEbVz8eLFcz

Targets

    • Target

      a9a0ab0dc7c381cf0e7cde347744dee0_NeikiAnalytics.exe

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
