General

  • Target

    9d8031fbd8c48d4db2e4c5b0cd2ca9e8167a48987abb4cdfc5ab3a413d016b71_NeikiAnalytics.exe

  • Size

    465KB

  • Sample

    240628-sdphgsxgqr

  • MD5

    0357fd2e8b59c416500835fcbaacd870

  • SHA1

    c7f7839e8487cdac038bc562594120be1ab423ce

  • SHA256

    9d8031fbd8c48d4db2e4c5b0cd2ca9e8167a48987abb4cdfc5ab3a413d016b71

  • SHA512

    56349aba153597f217a1197e1a4f028dfc513c1db32d3764a75f1754be09f65d16a67caf4606d686d55293e2362b683414fcd2f1f8ba12aa86fc12a7469e020d

  • SSDEEP

    12288:dXCNi9Bdr8ZKJhgPbma2pFYnR22LK9h50C1jcpUhR963EHh:oWd4ZKJhgPkpFUWX0CBcpUhRA3E

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
