81c8817640afb301ac2ba0577a738c5a8f5d366dc441f0e1d1f3c1c66d52ea01 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

636d8397ff7ebeebf80a9e71236f9930_NEIKI
Size

5.2MB
Sample

240508-1g42cabc57
MD5

636d8397ff7ebeebf80a9e71236f9930
SHA1

8d3eb735eb6ba01a60d3a95fcc46e680b8fd705e
SHA256

81c8817640afb301ac2ba0577a738c5a8f5d366dc441f0e1d1f3c1c66d52ea01
SHA512

0f209edb8773417a220a0e1483f42d06b420280e4d59020941512695519e1ad9c603ef194bb9d68fa46841055c760c8c43131f9ca05c8d3b0301a5fcd7365736
SSDEEP

49152:76Gn9646KI6BbazR0vKLXZv91bazR0vKLXZX:76Gn9646r6VatuKLXZnatuKLXZX

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  636d8397ff7ebeebf80a9e71236f9930_NEIKI
- Size
  
  5.2MB
- MD5
  
  636d8397ff7ebeebf80a9e71236f9930
- SHA1
  
  8d3eb735eb6ba01a60d3a95fcc46e680b8fd705e
- SHA256
  
  81c8817640afb301ac2ba0577a738c5a8f5d366dc441f0e1d1f3c1c66d52ea01
- SHA512
  
  0f209edb8773417a220a0e1483f42d06b420280e4d59020941512695519e1ad9c603ef194bb9d68fa46841055c760c8c43131f9ca05c8d3b0301a5fcd7365736
- SSDEEP
  
  49152:76Gn9646KI6BbazR0vKLXZv91bazR0vKLXZX:76Gn9646r6VatuKLXZnatuKLXZX
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2