General

  • Target

    78aa414ff42de3790328908d859f223a2c4a8caf829042b05b540c003571c6f8_NeikiAnalytics.exe

  • Size

    654KB

  • Sample

    240624-qkqm1sxeqj

  • MD5

    549ff0f9c978b981abc7a07466bc9620

  • SHA1

    44556f7f06f6c362c3957e1fca4786d00bfb91a5

  • SHA256

    78aa414ff42de3790328908d859f223a2c4a8caf829042b05b540c003571c6f8

  • SHA512

    294f234601c53a3ecbd6ac98b7daa2340c8302831d3b58cb9b6744357464270fef91f0b9e64087fd6a7593fd7c2781e013d316cb5cb46a40eb647286a11b44f6

  • SSDEEP

    12288:dXCNi9BkjMUR3dtkteoUn6wktsp6KDAUMAFvdYQ2hmmgPFotn:oWkY+d+IoU6xtsp6WXFCHkctn

Malware Config

Targets

    • Target

      78aa414ff42de3790328908d859f223a2c4a8caf829042b05b540c003571c6f8_NeikiAnalytics.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
