Overview

overview

7

Static

static

3

0218206182...cs.exe

windows7-x64

7

0218206182...cs.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    0218206182bf2ba0dfa9e67da78ed3e9164958f352e92348ad91f8a093a7a57e_NeikiAnalytics.exe

  • Size

    1.1MB

  • Sample

    240630-jzxasayclq

  • MD5

    051949c48009e4f684baa27c0a7b56a0

  • SHA1

    460162b65b3715d31bad490a3ed11f221931e40a

  • SHA256

    0218206182bf2ba0dfa9e67da78ed3e9164958f352e92348ad91f8a093a7a57e

  • SHA512

    176f97051e7c00591e637fa5e7d1ccff246427550d3ad5c7d1aafbc18229c34120e71e244b91b462886e02c48ba9b415b78d978bf1ef838b3149d00ee9fdc424

  • SSDEEP

    24576:oW32IEhEsucztBnEDaoey7Ds5ljT4aAL8/1ubO:V32fCNc5BEO87DsjjT4a51ubO

Score
7/10
persistencespywarestealer

Malware Config

Targets

    • Target

      0218206182bf2ba0dfa9e67da78ed3e9164958f352e92348ad91f8a093a7a57e_NeikiAnalytics.exe

    • Size

      1.1MB

    • MD5

      051949c48009e4f684baa27c0a7b56a0

    • SHA1

      460162b65b3715d31bad490a3ed11f221931e40a

    • SHA256

      0218206182bf2ba0dfa9e67da78ed3e9164958f352e92348ad91f8a093a7a57e

    • SHA512

      176f97051e7c00591e637fa5e7d1ccff246427550d3ad5c7d1aafbc18229c34120e71e244b91b462886e02c48ba9b415b78d978bf1ef838b3149d00ee9fdc424

    • SSDEEP

      24576:oW32IEhEsucztBnEDaoey7Ds5ljT4aAL8/1ubO:V32fCNc5BEO87DsjjT4a51ubO

    Score
    7/10
    persistencespywarestealer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks