f961e0e30956481f55ca5c892b2ad479770c02eca3f84dca50535ddae539cdc0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1b9233b10bb667b0c131aa55f4f23420_NEIKI
Size

2.7MB
Sample

240507-ysevgsfh42
MD5

1b9233b10bb667b0c131aa55f4f23420
SHA1

f0b608498f178f80e723f1d5645d47242e8045be
SHA256

f961e0e30956481f55ca5c892b2ad479770c02eca3f84dca50535ddae539cdc0
SHA512

a6a8e6495970452c9a19ea4b48ea11c0211a360fadce53e3bf3a7c73f83a536da02ab72cd69a4f83d866f6f83d8aa98f1c2210c384396579f2e31f22bf776506
SSDEEP

49152:+R0p8xHycIq+GI27nGroMPTJPer1c2HSjpjK3LB99w4Sx:+R0pI/IQlUoMPdmpSp14

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  1b9233b10bb667b0c131aa55f4f23420_NEIKI
- Size
  
  2.7MB
- MD5
  
  1b9233b10bb667b0c131aa55f4f23420
- SHA1
  
  f0b608498f178f80e723f1d5645d47242e8045be
- SHA256
  
  f961e0e30956481f55ca5c892b2ad479770c02eca3f84dca50535ddae539cdc0
- SHA512
  
  a6a8e6495970452c9a19ea4b48ea11c0211a360fadce53e3bf3a7c73f83a536da02ab72cd69a4f83d866f6f83d8aa98f1c2210c384396579f2e31f22bf776506
- SSDEEP
  
  49152:+R0p8xHycIq+GI27nGroMPTJPer1c2HSjpjK3LB99w4Sx:+R0pI/IQlUoMPdmpSp14
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2