27d9372a645594fa31c19bd0366e8e2186b9bbb808ccbe57226c0be155c477e3 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

27d9372a64...cs.exe

windows7-x64

7

27d9372a64...cs.exe

windows10-2004-x64

7

Sharing

General

Target

27d9372a645594fa31c19bd0366e8e2186b9bbb808ccbe57226c0be155c477e3_NeikiAnalytics.exe
Size

8.7MB
Sample

240701-a1zymatgjj
MD5

9e15abfb8bb61bbf64b357c9c8274840
SHA1

46a9a5a2bd9f51d60f417a8005bbd9e8f222daeb
SHA256

27d9372a645594fa31c19bd0366e8e2186b9bbb808ccbe57226c0be155c477e3
SHA512

8d66b18d02c8dfdae81d974820d6ad9d99b8a5fbccdedc0eda014e35a57551d8f924d0da7e30d2aef1e051a632007c6cac03742a55196e35e4a0998b34b5b391
SSDEEP

196608:GfQEksgb06ZS+MnIhCsXDjDddJolpPgToa10/PXdwWlDGFOnJhThX:5EkHb0gMnIhCEDHJ83a10HXdwWwsPh

Score

7^/10

pyinstaller spyware stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

27d9372a645594fa31c19bd0366e8e2186b9bbb808ccbe57226c0be155c477e3_NeikiAnalytics.exe

Resource

win7-20240508-en

spyware stealer

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

27d9372a645594fa31c19bd0366e8e2186b9bbb808ccbe57226c0be155c477e3_NeikiAnalytics.exe

Resource

win10v2004-20240508-en

spyware stealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  27d9372a645594fa31c19bd0366e8e2186b9bbb808ccbe57226c0be155c477e3_NeikiAnalytics.exe
- Size
  
  8.7MB
- MD5
  
  9e15abfb8bb61bbf64b357c9c8274840
- SHA1
  
  46a9a5a2bd9f51d60f417a8005bbd9e8f222daeb
- SHA256
  
  27d9372a645594fa31c19bd0366e8e2186b9bbb808ccbe57226c0be155c477e3
- SHA512
  
  8d66b18d02c8dfdae81d974820d6ad9d99b8a5fbccdedc0eda014e35a57551d8f924d0da7e30d2aef1e051a632007c6cac03742a55196e35e4a0998b34b5b391
- SSDEEP
  
  196608:GfQEksgb06ZS+MnIhCsXDjDddJolpPgToa10/PXdwWlDGFOnJhThX:5EkHb0gMnIhCEDHJ83a10HXdwWwsPh
Score

7^/10

spyware stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy