General

  • Target

    39cc3bd9dffe11403cb7c3a31d481ee4dc44308bd18ca9861f5755b271af710a_NeikiAnalytics.exe

  • Size

    958KB

  • Sample

    240627-29ht9azeql

  • MD5

    6b8cdb588ca7b4f5bfee956612f583d0

  • SHA1

    9b48475d359a8bf889076e67473b6038311673e9

  • SHA256

    39cc3bd9dffe11403cb7c3a31d481ee4dc44308bd18ca9861f5755b271af710a

  • SHA512

    e4d2937a138a81771635224c992f88e6981d4b8f0d2cac1d9f302bc9bd5131eb71fcdf330f2e0add7eac2cc6635c52fb9ee389162d8df1fbc4b0c7c004b701e1

  • SSDEEP

    24576:2wS1BlbQULy8fB/Q4uNyb8gZ/Pnu+uoNh09ehFPSXo:hSvlksy8fKBwpZlRNyq64

Targets

    • Target

      39cc3bd9dffe11403cb7c3a31d481ee4dc44308bd18ca9861f5755b271af710a_NeikiAnalytics.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
