General

  • Target

    41c7a5e937880915a79fda0fffa54086cd21a69b762b7e9a2ae41fbf579a47d3_NeikiAnalytics.exe

  • Size

    2.6MB

  • Sample

    240624-fvnw3a1eqp

  • MD5

    def1e869da80f5600d47d63a4f5ac9a0

  • SHA1

    e0a5c4186efb0c4e61630bb068e6e91e7884daf3

  • SHA256

    41c7a5e937880915a79fda0fffa54086cd21a69b762b7e9a2ae41fbf579a47d3

  • SHA512

    49671bf7026cd639afdaba65e7d3ae18ca0c83d422bd268b6b29b279ca950bacb81d3574066bb1b28989e75b42788d33dea7e7b0d9838696e699d6442a528336

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBHB/bS:sxX7QnxrloE5dpUpMb

Targets

    • Target

      41c7a5e937880915a79fda0fffa54086cd21a69b762b7e9a2ae41fbf579a47d3_NeikiAnalytics.exe

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application
