General

  • Target

    398913c9ac79e8cb0ccc52b5624d9c30_NEIKI

  • Size

    3.2MB

  • Sample

    240507-z7gs3abc57

  • MD5

    398913c9ac79e8cb0ccc52b5624d9c30

  • SHA1

    35ef6dbeed37cdfbab93e6322f805749c6c5019e

  • SHA256

    593106455b303bc74564c9955d8e923cb5a3df6149d77a76b1b2b1400eaebc46

  • SHA512

    02ab0b59c20853c42400aefbcca8541dd464de85c4253609617cb2cfd97fd36e2b176e8c4881122ebc8ebfc63424164f9541e3b7329f7373af1a3504c6a1d93d

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBRB/bSqz8b6LNXJqI20t:sxX7QnxrloE5dpUp2bVz8eLFcz

Targets

    • Target

      398913c9ac79e8cb0ccc52b5624d9c30_NEIKI

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application
