General

  • Target

    461f6e9cc5c14418ee61e7f2479dec8bce5a95f174e2b5342033286abb035e68_NeikiAnalytics.exe

  • Size

    2.0MB

  • Sample

    240629-bywnvsxgnc

  • MD5

    584ee8b58b84938f456fbdb28142f750

  • SHA1

    e3633d1e7199589aa1998bc56e9e3affe3ce2c79

  • SHA256

    461f6e9cc5c14418ee61e7f2479dec8bce5a95f174e2b5342033286abb035e68

  • SHA512

    4395d74577654ce35f4405c84db4e83c1819da3415978c768f15b7aff2dc3d4e4827d368d296adda9bb4e6366b297d5265cb4b3fb692835a09860c107cc2617c

  • SSDEEP

    49152:c2AnkV4pirBKiyq6kWISQEBVRbgnHyNJslRG7y00ibS:c2AnxpirB1N2mnH5x00ibS

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Drops file in System32 directory
