c6f6e91b56452dde73e9dfb2519e22358029c9f8a5da0faa870e536237a46900 | Triage

Sharing

General

Target

32265e95f7879e0c7009fc3130585290_NEIKI
Size

201KB
Sample

240507-zvqkfaff7v
MD5

32265e95f7879e0c7009fc3130585290
SHA1

d0f51fc185220d225d94f7a3804ef075a9d9994a
SHA256

c6f6e91b56452dde73e9dfb2519e22358029c9f8a5da0faa870e536237a46900
SHA512

fb83e505a13c154f1da5bd5142703ae386cee41ced904dcbe9257adb721411a0879c96430da41680cc5e12e0595ae5c1b4cf27f16b72a70574241679a235485b
SSDEEP

3072:cdEUfKj8BYbDiC1ZTK7sxtLUIGxD9Puf5QvfDU9q3XRrMBEGltj95y6hsYDj:cUSiZTK409D9A5p

Score

7^/10

Malware Config

Targets

- Target
  
  32265e95f7879e0c7009fc3130585290_NEIKI
- Size
  
  201KB
- MD5
  
  32265e95f7879e0c7009fc3130585290
- SHA1
  
  d0f51fc185220d225d94f7a3804ef075a9d9994a
- SHA256
  
  c6f6e91b56452dde73e9dfb2519e22358029c9f8a5da0faa870e536237a46900
- SHA512
  
  fb83e505a13c154f1da5bd5142703ae386cee41ced904dcbe9257adb721411a0879c96430da41680cc5e12e0595ae5c1b4cf27f16b72a70574241679a235485b
- SSDEEP
  
  3072:cdEUfKj8BYbDiC1ZTK7sxtLUIGxD9Puf5QvfDU9q3XRrMBEGltj95y6hsYDj:cUSiZTK409D9A5p
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2