General

  • Target

    978484f88e9fc0b931b6f040eb4775528b9703c8250c46c7239dff6239361c65_NeikiAnalytics.exe

  • Size

    878KB

  • Sample

    240624-wetqdaxhqk

  • MD5

    38670ef6adf4f6a4624878df4c84dfc0

  • SHA1

    ccd12c81fb44463368e39f1beac3584f494a95e8

  • SHA256

    978484f88e9fc0b931b6f040eb4775528b9703c8250c46c7239dff6239361c65

  • SHA512

    51995893f846568bc2cd832019703652cf061e071875d32d66b74fd617ceebd042614d0f41536ceb1765f70f0c5e9840bb61657415e03328ea54e69171fcddf2

  • SSDEEP

    24576:sWTX+9g1oNBgDLl24lQAYgCfJneVVcj7Vd04YE2AQRttb:BbegIgDA7AOfJnec7Vy4b2AQntb

Malware Config

Targets

    • Target

      978484f88e9fc0b931b6f040eb4775528b9703c8250c46c7239dff6239361c65_NeikiAnalytics.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks