General

  • Target

    a32d83d9eb5bf7786f94fc0c76383dd0_NEIKI

  • Size

    119KB

  • Sample

    240508-3whsrsgh85

  • MD5

    a32d83d9eb5bf7786f94fc0c76383dd0

  • SHA1

    d7397433b7cdda085e5e04b9a3a2d543dc837944

  • SHA256

    c8f67d020296ca87d01caaf8566d19f5c145d968294ebe060f165425e0639f4a

  • SHA512

    082c3ac5ceb479ff58cc177d8321bc94de054d05f217bf815683f45f7922817f33ab366b64122a941c2be17050ea432339d979589ac0604d18d8df56f1aa032a

  • SSDEEP

    3072:AGAJ6wvHTJhHqWKTUSHp/pIluSFiQd4X3r7ciEXRjS+:AGEHN1yT3kvFs77ciEXRjS+

Score
8/10

Targets

    Score
    8/10
    • Contacts a large (603) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Deletes itself

    • Executes dropped EXE

    • Drops file in System32 directory
