General

  • Target

    8b2ba0e146e360f830156db3c5bdcf20_NEIKI

  • Size

    5.2MB

  • Sample

    240508-2y5jwacc31

  • MD5

    8b2ba0e146e360f830156db3c5bdcf20

  • SHA1

    993a9b2364c5ccca731fb50ec1d929ce594061ff

  • SHA256

    41f54af1d60e1418205feb0590e808d2e8481cae45ed7bddffd167b9ceb0ba91

  • SHA512

    7747e1a40c6434d9bab563d60d4f22088bdedf8226d19c6d852d9a7d44df89d7d4cd4ec8c6323f74108fc72ec8305f80f356277663a4f3e6142b7475adf0554e

  • SSDEEP

    98304:aw536+6efPjmv+XrELa3beUIdYdsDGTMxr3P38fcYQ:afefPjmvWehn5d/Mf

Score
8/10

Targets

    • Sets service image path in registry

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops file in System32 directory
