00bc875ca0d492ff449f207a23907d4a6f87025600563c63f3bd4032b67f2157 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6edd834095e91b7bcac5419de1d468b0_NEIKI
Size

203KB
Sample

240507-3ytm2sfc9s
MD5

6edd834095e91b7bcac5419de1d468b0
SHA1

0f809d4ba3629d67b4d263aefb357fe077dfa6c3
SHA256

00bc875ca0d492ff449f207a23907d4a6f87025600563c63f3bd4032b67f2157
SHA512

7d5f40e20d0dc756782367f8cdb514c00c0823fcf9b4f84ea8610b79fd86f6163eb5085ee1be8a74ec14ab35c049fb3f955245fc5445609dbecf35e215884caa
SSDEEP

6144:rjD92j4XxW9tnJfKXqPTX7D7FM6234lKm3mo8YG:r8j4Xx+tJCXqP77D7FB24lwT

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  6edd834095e91b7bcac5419de1d468b0_NEIKI
- Size
  
  203KB
- MD5
  
  6edd834095e91b7bcac5419de1d468b0
- SHA1
  
  0f809d4ba3629d67b4d263aefb357fe077dfa6c3
- SHA256
  
  00bc875ca0d492ff449f207a23907d4a6f87025600563c63f3bd4032b67f2157
- SHA512
  
  7d5f40e20d0dc756782367f8cdb514c00c0823fcf9b4f84ea8610b79fd86f6163eb5085ee1be8a74ec14ab35c049fb3f955245fc5445609dbecf35e215884caa
- SSDEEP
  
  6144:rjD92j4XxW9tnJfKXqPTX7D7FM6234lKm3mo8YG:r8j4Xx+tJCXqP77D7FB24lwT
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2