6fd33c89dfce081aad16f54921e2a4112024b10fd383e99d51fa3c94268484f3 | Triage

Sharing

General

Target

4c8a588672a71f1b42ff5e63f8d68370_NEIKI
Size

136KB
Sample

240507-15qtmaaf21
MD5

4c8a588672a71f1b42ff5e63f8d68370
SHA1

7d722d9a0e825e9f2ee6b9240d92527cc96f0db9
SHA256

6fd33c89dfce081aad16f54921e2a4112024b10fd383e99d51fa3c94268484f3
SHA512

050653df60794417eb3ee742aa17caeda268fc2d3f9eeffc2a71c6727c124cd5e6d2897eb4104211cb1e9a1f5b2caadf4692bb3665b1b5c558ba9bbb56312919
SSDEEP

3072:APG2XXkDQMsohLwdNbw+Y92xQuohLwdNbw5bxH0zVWccA:AuU0DQMsohxd2Quohdbd0zscj

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  4c8a588672a71f1b42ff5e63f8d68370_NEIKI
- Size
  
  136KB
- MD5
  
  4c8a588672a71f1b42ff5e63f8d68370
- SHA1
  
  7d722d9a0e825e9f2ee6b9240d92527cc96f0db9
- SHA256
  
  6fd33c89dfce081aad16f54921e2a4112024b10fd383e99d51fa3c94268484f3
- SHA512
  
  050653df60794417eb3ee742aa17caeda268fc2d3f9eeffc2a71c6727c124cd5e6d2897eb4104211cb1e9a1f5b2caadf4692bb3665b1b5c558ba9bbb56312919
- SSDEEP
  
  3072:APG2XXkDQMsohLwdNbw+Y92xQuohLwdNbw5bxH0zVWccA:AuU0DQMsohxd2Quohdbd0zscj
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2