General

  • Target

    16975ea723d3b4d231614d7dddc331d892d2becef294d7efb653be989bb0d06a_NeikiAnalytics.exe

  • Size

    1.6MB

  • Sample

    240627-zhy12szdkc

  • MD5

    bf0e96ce84fbcdea4dd08084f2a5e440

  • SHA1

    ab1ee68a69a1bf9416ed77fba1084005441c4378

  • SHA256

    16975ea723d3b4d231614d7dddc331d892d2becef294d7efb653be989bb0d06a

  • SHA512

    4fa25da9bd5d6db255949bfae77d3e9d2b17dcce33fba79cbcce6253e3840ed7d5b5517060129a10f1f45f37377115ca355f6826acbc57175d52ad9e269b9000

  • SSDEEP

    49152:BujGSKInRGMBO0wSU1T3msEcV+GgX27Uo7:QFKIRGMI1TR9V+Gg67

Malware Config

Targets

    • Target

      16975ea723d3b4d231614d7dddc331d892d2becef294d7efb653be989bb0d06a_NeikiAnalytics.exe

    • Size

      1.6MB

    • MD5

      bf0e96ce84fbcdea4dd08084f2a5e440

    • SHA1

      ab1ee68a69a1bf9416ed77fba1084005441c4378

    • SHA256

      16975ea723d3b4d231614d7dddc331d892d2becef294d7efb653be989bb0d06a

    • SHA512

      4fa25da9bd5d6db255949bfae77d3e9d2b17dcce33fba79cbcce6253e3840ed7d5b5517060129a10f1f45f37377115ca355f6826acbc57175d52ad9e269b9000

    • SSDEEP

      49152:BujGSKInRGMBO0wSU1T3msEcV+GgX27Uo7:QFKIRGMI1TR9V+Gg67

    • Checks computer location settings

      Looks up the country code configured in the registry, likely to geofence execution to (or away from) particular countries.

    • Reads user/profile data of web browsers

      Infostealers commonly target stored browser profile data, which can include saved credentials, cookies and autofill information.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
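
The five behaviours above are the kind of thing a triage script can re-derive from host telemetry. The following Python is an added example, not part of the original sandbox report and not tooling from the sandbox vendor: it runs simple rules over a constructed list of Sysmon-style registry, file and directory events and groups the hits under the report's signature names. The event records, the dropped-file name, the Run value name and the registry paths used for the locale lookup are assumptions for illustration (the report only says "country code configured in the registry"), and the ATT&CK technique IDs are my own mapping, since the report's ATT&CK section is empty.

```python
"""Triage heuristics for the behaviours listed in the report.

Added example (not the sandbox's own code). Events below are CONSTRUCTED
for illustration; they are not telemetry captured from this sample.
"""
import re
from collections import defaultdict

# Registry values usually consulted to learn the configured country/locale.
# Assumption: the report does not say which key the sample read.
GEO_KEYS = (
    r"HKCU\Control Panel\International\Geo\Nation",
    r"HKLM\SYSTEM\CurrentControlSet\Control\Nls\Language",
)
# Per-user or machine-wide Run / RunOnce keys (persistence).
RUN_KEY_RE = re.compile(
    r"^HK(?:CU|LM|U\\[^\\]+)\\Software\\Microsoft\\Windows\\CurrentVersion\\Run(?:Once)?\\",
    re.IGNORECASE,
)
# Chromium and Firefox profile files that hold saved credentials and cookies.
BROWSER_DATA_RE = re.compile(
    r"\\(?:Google\\Chrome|Microsoft\\Edge|BraveSoftware\\Brave-Browser)\\User Data\\.*\\(?:Login Data|Cookies|Web Data)$"
    r"|\\Mozilla\\Firefox\\Profiles\\[^\\]+\\(?:logins\.json|key4\.db|cookies\.sqlite)$",
    re.IGNORECASE,
)
SYSTEM32_RE = re.compile(r"^C:\\Windows\\System32\\[^\\]+$", re.IGNORECASE)
DRIVE_ROOT_RE = re.compile(r"^[A-Z]:\\$", re.IGNORECASE)

# Signature title as the report phrases it, plus an ATT&CK ID (my own mapping;
# the report's ATT&CK section is empty).
SIGNATURES = {
    "location_check": ("Checks computer location settings", "T1614"),
    "browser_data": ("Reads user/profile data of web browsers", "T1555.003"),
    "run_key": ("Adds Run key to start application", "T1547.001"),
    "drive_enum": ("Enumerates connected drives", "T1082"),
    "system32_drop": ("Drops file in System32 directory", "T1036.005"),
}

# Constructed events: kind is one of reg_query, reg_set, file_read,
# file_create, dir_query; path is the registry key or filesystem path touched.
SAMPLE_EVENTS = [
    {"kind": "reg_query", "path": r"HKCU\Control Panel\International\Geo\Nation"},
    {"kind": "file_read", "path": r"C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"kind": "file_read", "path": r"C:\Users\victim\AppData\Roaming\Mozilla\Firefox\Profiles\abc.default\logins.json"},
    {"kind": "reg_set", "path": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Updater"},
    {"kind": "dir_query", "path": "C:\\"},
    {"kind": "dir_query", "path": "D:\\"},
    {"kind": "dir_query", "path": "E:\\"},
    {"kind": "file_create", "path": "C:\\Windows\\System32\\example_dropped.dll"},
    {"kind": "file_read", "path": r"C:\Users\victim\Documents\notes.txt"},  # benign, no hit
]


def classify(event):
    """Return the signature name an event contributes to, or None."""
    kind, path = event["kind"], event["path"]
    if kind == "reg_query" and any(path.lower() == k.lower() for k in GEO_KEYS):
        return "location_check"
    if kind == "reg_set" and RUN_KEY_RE.match(path):
        return "run_key"
    if kind == "file_read" and BROWSER_DATA_RE.search(path):
        return "browser_data"
    if kind == "file_create" and SYSTEM32_RE.match(path):
        return "system32_drop"
    # The report's wording: root paths of drives other than the default C:.
    if kind == "dir_query" and DRIVE_ROOT_RE.match(path) and not path.upper().startswith("C:"):
        return "drive_enum"
    return None


def triage(events):
    """Group matching events by signature: {signature: [paths, ...]}."""
    hits = defaultdict(list)
    for ev in events:
        sig = classify(ev)
        if sig:
            hits[sig].append(ev["path"])
    return dict(hits)


def report(events):
    """One line per fired signature, in the report's own title style."""
    lines = []
    for sig, paths in triage(events).items():
        title, technique = SIGNATURES[sig]
        lines.append(f"{title} [{technique}]: {len(paths)} event(s)")
    return lines


if __name__ == "__main__":
    for line in report(SAMPLE_EVENTS):
        print(line)
```

Running the block prints one line per signature that fired; in practice you would feed it Sysmon EventID 12/13 (registry), 11 (file create) and file-access telemetry from an EDR in place of the constructed list, and treat a single process firing all five rules as a strong infostealer indicator rather than scoring each rule on its own.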

MITRE ATT&CK Enterprise v15

Tasks