General

  • Target

    96da391df07d68b429d07bafa4966b37030448cbffb94db56450b6792e412d87_NeikiAnalytics.exe

  • Size

    1.2MB

  • Sample

    240628-n7rsgs1ejq

  • MD5

    11ae8536e9968d050d0eb53ca7fe8d00

  • SHA1

    6741c252fa36715043c3afaf6bdb9687deb08cb0

  • SHA256

    96da391df07d68b429d07bafa4966b37030448cbffb94db56450b6792e412d87

  • SHA512

    0f3a3603828369fc3a3323c635ea7a3556b8fdf63fc558e1b8ecdb1fba71ac15a73497fad9ae03ca968338b61b1b9e84b573ab86c1b656735359bd753a1c6f55

  • SSDEEP

    24576:NHR0G3bY4R9SslKujAZBZPIn+klcWK8fhx0aA:NyGrY4Rg2KucZLPI+kDK8JU

Targets

    • 44Caliber

      An open source infostealer written in C#.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
