General
-
Target
7658ba7bbbcb1ad251485583acce4010_NEIKI
-
Size
116KB
-
Sample
240508-akemraba23
-
MD5
7658ba7bbbcb1ad251485583acce4010
-
SHA1
6a1d0b3780bbee6eadb2683b87da462a5ff01665
-
SHA256
0f7ebb9c8950e9a33f09d944ad16877e24b19f15ce3b9369901540fb228627a7
-
SHA512
1d67b44361a5f00b684e5f021501e66f2b09c24e18b8d29e97704dc09d538b04428cbe2b858abdd1fbfc59dd2aa06b2863b541845cde8e3c099e149b47dbf5ee
-
SSDEEP
1536:MiFWyvh8ZJTtC7PCtm27OhBefCBpwh8jEFmViEgTEE+jakJnK:M0nCfo7PC5joEFIiEzakM
Malware Config
Targets
-
-
Target
7658ba7bbbcb1ad251485583acce4010_NEIKI
-
Size
116KB
-
MD5
7658ba7bbbcb1ad251485583acce4010
-
SHA1
6a1d0b3780bbee6eadb2683b87da462a5ff01665
-
SHA256
0f7ebb9c8950e9a33f09d944ad16877e24b19f15ce3b9369901540fb228627a7
-
SHA512
1d67b44361a5f00b684e5f021501e66f2b09c24e18b8d29e97704dc09d538b04428cbe2b858abdd1fbfc59dd2aa06b2863b541845cde8e3c099e149b47dbf5ee
-
SSDEEP
1536:MiFWyvh8ZJTtC7PCtm27OhBefCBpwh8jEFmViEgTEE+jakJnK:M0nCfo7PC5joEFIiEzakM
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-