Overview

overview

8

Static

static

3

28abdcffd8...KI.exe

windows7-x64

8

28abdcffd8...KI.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    28abdcffd88740788f179f37f2c5a020_NEIKI

  • Size

    72KB

  • Sample

    240507-zddjjshd43

  • MD5

    28abdcffd88740788f179f37f2c5a020

  • SHA1

    6dfe899f7838b8cc5fec869798e6ded76954004c

  • SHA256

    13ffc8d494cf39585288dcad6df57da42f9ca84fb3d453dc7f14edab7250a96c

  • SHA512

    3735fd4931f8c0dcb83abb909d222167d7897703df4c8d5b7326a0eac7bc56019138241528f3c456f285f702f2269789fe40c6a56c671c1fa3f6c91bf020a045

  • SSDEEP

    768:ZrItKyw5WHXfQmjIiIk9ecAx7pP1EPU96MyXPdtldE9bIIIwjkC:Zr3Z5IfQmv81x7pP1r3yXPdtnyjj

Score
8/10
evasion

Malware Config

Targets

    • Target

      28abdcffd88740788f179f37f2c5a020_NEIKI

    • Size

      72KB

    • MD5

      28abdcffd88740788f179f37f2c5a020

    • SHA1

      6dfe899f7838b8cc5fec869798e6ded76954004c

    • SHA256

      13ffc8d494cf39585288dcad6df57da42f9ca84fb3d453dc7f14edab7250a96c

    • SHA512

      3735fd4931f8c0dcb83abb909d222167d7897703df4c8d5b7326a0eac7bc56019138241528f3c456f285f702f2269789fe40c6a56c671c1fa3f6c91bf020a045

    • SSDEEP

      768:ZrItKyw5WHXfQmjIiIk9ecAx7pP1EPU96MyXPdtldE9bIIIwjkC:Zr3Z5IfQmv81x7pP1r3yXPdtnyjj

    Score
    8/10
    evasion

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

      evasion

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks