5f9ab5bb0fae6ed947e45cdff4ea5813198596cf5b93c35aa3c25d6817bf7f4d | Triage

Sharing

General

Target

5f9ab5bb0fae6ed947e45cdff4ea5813198596cf5b93c35aa3c25d6817bf7f4d_NeikiAnalytics.exe
Size

52KB
Sample

240624-ln231ayhkm
MD5

3a2093ae0a3a14bc7edff1314215bd00
SHA1

a0f5fce3fec08853c4073738e6c271b2cec2bd74
SHA256

5f9ab5bb0fae6ed947e45cdff4ea5813198596cf5b93c35aa3c25d6817bf7f4d
SHA512

486d7d85bb6bd6070134f4c77615bed86334d641ec8fc17038b2b8c1106cde190c7e197522f123ad89dc2efd4379ebbba579bf649c47d72d655a2f9ac422c775
SSDEEP

768:FlQ4hrvaEGU4aikqykezg2XpfY7CjYioRooRn6l5:fLhE1Dezg2ZfYLo+nY5

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  5f9ab5bb0fae6ed947e45cdff4ea5813198596cf5b93c35aa3c25d6817bf7f4d_NeikiAnalytics.exe
- Size
  
  52KB
- MD5
  
  3a2093ae0a3a14bc7edff1314215bd00
- SHA1
  
  a0f5fce3fec08853c4073738e6c271b2cec2bd74
- SHA256
  
  5f9ab5bb0fae6ed947e45cdff4ea5813198596cf5b93c35aa3c25d6817bf7f4d
- SHA512
  
  486d7d85bb6bd6070134f4c77615bed86334d641ec8fc17038b2b8c1106cde190c7e197522f123ad89dc2efd4379ebbba579bf649c47d72d655a2f9ac422c775
- SSDEEP
  
  768:FlQ4hrvaEGU4aikqykezg2XpfY7CjYioRooRn6l5:fLhE1Dezg2ZfYLo+nY5
Score

7^/10

spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2