d602fb63a82b968940e46b4b89049d2d0ee2c19be58fe411348096e3b5753c20 | Triage

Sharing

General

Target

34374227371fddd9c1a8cdaf0eca2ec0_NEIKI
Size

443KB
Sample

240507-zyv94afh3z
MD5

34374227371fddd9c1a8cdaf0eca2ec0
SHA1

18b7787afb3893c913622c7dabcbc664db4430ab
SHA256

d602fb63a82b968940e46b4b89049d2d0ee2c19be58fe411348096e3b5753c20
SHA512

3d1b975355207f63ca2d9896cadea46c625d4988ec6496ff73987414b0933850f83d7ca2f22c288bcb26a3856eb576f4cae7e9d73235943537c468a740a81806
SSDEEP

6144:kFLePI7WA7zeXmRL13n4GAI13n4GAvs0PEpNF0pNO021fv13n4GA3uKjwszeXmOs:kFCgF1J1HJ1Uj+HiPj

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  34374227371fddd9c1a8cdaf0eca2ec0_NEIKI
- Size
  
  443KB
- MD5
  
  34374227371fddd9c1a8cdaf0eca2ec0
- SHA1
  
  18b7787afb3893c913622c7dabcbc664db4430ab
- SHA256
  
  d602fb63a82b968940e46b4b89049d2d0ee2c19be58fe411348096e3b5753c20
- SHA512
  
  3d1b975355207f63ca2d9896cadea46c625d4988ec6496ff73987414b0933850f83d7ca2f22c288bcb26a3856eb576f4cae7e9d73235943537c468a740a81806
- SSDEEP
  
  6144:kFLePI7WA7zeXmRL13n4GAI13n4GAvs0PEpNF0pNO021fv13n4GA3uKjwszeXmOs:kFCgF1J1HJ1Uj+HiPj
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2