d7006f65bc5d0b88573067eaae19b5a60920f2c2017d5987755f6c75c8dfa29b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3afc1f9c32d297eaf86532e750c873c0_NEIKI
Size

43KB
Sample

240507-z966qsbe23
MD5

3afc1f9c32d297eaf86532e750c873c0
SHA1

320a51494021a521e0d3a550b7ab2f3e867e7e50
SHA256

d7006f65bc5d0b88573067eaae19b5a60920f2c2017d5987755f6c75c8dfa29b
SHA512

c4591ab549ba734679b5dcb4049d37f7edcf6c0ffaece84413676c9e6bb67d77212df1e6f95bd38956e5b9d5721f53cc4eec369a9fa12e38036504e07da102d9
SSDEEP

768:b/yC4GyNM01GuQMNXw2PSjHPbSuYlW8PAwW:b/pYayGig5HjS3NPA/

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  3afc1f9c32d297eaf86532e750c873c0_NEIKI
- Size
  
  43KB
- MD5
  
  3afc1f9c32d297eaf86532e750c873c0
- SHA1
  
  320a51494021a521e0d3a550b7ab2f3e867e7e50
- SHA256
  
  d7006f65bc5d0b88573067eaae19b5a60920f2c2017d5987755f6c75c8dfa29b
- SHA512
  
  c4591ab549ba734679b5dcb4049d37f7edcf6c0ffaece84413676c9e6bb67d77212df1e6f95bd38956e5b9d5721f53cc4eec369a9fa12e38036504e07da102d9
- SSDEEP
  
  768:b/yC4GyNM01GuQMNXw2PSjHPbSuYlW8PAwW:b/pYayGig5HjS3NPA/
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2