General

  • Target

    4128794041926576f20ed833da5e9c80_NEIKI

  • Size

    40KB

  • Sample

    240507-1k46hscb83

  • MD5

    4128794041926576f20ed833da5e9c80

  • SHA1

    47bbb92f1e9d4d8c6c1d4afcf147f9a0fa25f2cc

  • SHA256

    030cc9667ec24e71010a90d491342807b31243b1b674ff7a9aba6e04831e17e6

  • SHA512

    8277d8a89124c410e83ad892cc93de91815090ec7bed2b7f1a5d9722665e08ceedd6ef5912ec986ed2207592abd44732470ca767495cbe0e8f4fe3d4af8ee50f

  • SSDEEP

    768:tzmfIz1Xa3jZr/t3R6OpY9x0dHXOHk3CCecGH9C/vc:tfzGbB6IY9x6w4RCsvc

Score
10/10

Targets

    • Target

      4128794041926576f20ed833da5e9c80_NEIKI

    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
