05c08f4254db4cd94189d02a2ea1de64b2c8e71e88bab931a5e6880637fbd828 | Triage

Sharing

General

Target

05c08f4254db4cd94189d02a2ea1de64b2c8e71e88bab931a5e6880637fbd828_NeikiAnalytics.exe
Size

71KB
Sample

240629-17rtpsxfqb
MD5

06fb236bb678bd0218ce110001a70f50
SHA1

a7e56b12225a135315a9b6e2dd3723593f025f60
SHA256

05c08f4254db4cd94189d02a2ea1de64b2c8e71e88bab931a5e6880637fbd828
SHA512

4b6fb0ccd6cda43917ed111fb27cae0c134c2072dc7f720af4d93fb745a094784d7d1462e8de3cc870524a5e754c29801fe206ce1831ff2d14b479711c3dcce7
SSDEEP

1536:Fc897UsWjcd9w+AyabjDbxE+MwmvlDuazT7:ZhpAyazIlyazT7

Score

7^/10

persistence spyware stealer

Malware Config

Targets

- Target
  
  05c08f4254db4cd94189d02a2ea1de64b2c8e71e88bab931a5e6880637fbd828_NeikiAnalytics.exe
- Size
  
  71KB
- MD5
  
  06fb236bb678bd0218ce110001a70f50
- SHA1
  
  a7e56b12225a135315a9b6e2dd3723593f025f60
- SHA256
  
  05c08f4254db4cd94189d02a2ea1de64b2c8e71e88bab931a5e6880637fbd828
- SHA512
  
  4b6fb0ccd6cda43917ed111fb27cae0c134c2072dc7f720af4d93fb745a094784d7d1462e8de3cc870524a5e754c29801fe206ce1831ff2d14b479711c3dcce7
- SSDEEP
  
  1536:Fc897UsWjcd9w+AyabjDbxE+MwmvlDuazT7:ZhpAyazIlyazT7
Score

7^/10

persistence spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealer

behavioral2

persistencespywarestealer