General

  • Target

    041283b56040c863cca9eb52ce748d20_NeikiAnalytics.exe

  • Size

    357KB

  • Sample

    240617-z8zehayekq

  • MD5

    041283b56040c863cca9eb52ce748d20

  • SHA1

    1b17587745dc831171440dcfb6f402cb68fc1a9a

  • SHA256

    758dd7d7ac88884a492614ed52fd59c44b9dbf0d9189bb2159d931b75bdc4127

  • SHA512

    a7c19f7277cfd825dcf528c37cca90e49fd1497a78d7284924b45ff97ba1cb52300c6150508c535fbfe42ff2ee89b8627c208e492eaec76f406a4e8dd7ca967c

  • SSDEEP

    6144:k95wtKY9gTllpKGrUxng9IKA/i6nOg5VT/hiO:UFhKnOgPZiO

Malware Config

Targets

    • Target

      041283b56040c863cca9eb52ce748d20_NeikiAnalytics.exe

    • Size

      357KB

    • MD5

      041283b56040c863cca9eb52ce748d20

    • SHA1

      1b17587745dc831171440dcfb6f402cb68fc1a9a

    • SHA256

      758dd7d7ac88884a492614ed52fd59c44b9dbf0d9189bb2159d931b75bdc4127

    • SHA512

      a7c19f7277cfd825dcf528c37cca90e49fd1497a78d7284924b45ff97ba1cb52300c6150508c535fbfe42ff2ee89b8627c208e492eaec76f406a4e8dd7ca967c

    • SSDEEP

      6144:k95wtKY9gTllpKGrUxng9IKA/i6nOg5VT/hiO:UFhKnOgPZiO

    • Detect Neshta payload

    • Neshta

      Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

MITRE ATT&CK Matrix ATT&CK v13

Persistence

Event Triggered Execution

1
T1546

Change Default File Association

1
T1546.001

Privilege Escalation

Event Triggered Execution

1
T1546

Change Default File Association

1
T1546.001

Defense Evasion

Modify Registry

1
T1112

Credential Access

Unsecured Credentials

1
T1552

Credentials In Files

1
T1552.001

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Collection

Data from Local System

1
T1005

Tasks