General

  • Target

    99c1e668a3a66c8f50bb8a82732dc0e0_NEIKI

  • Size

    410KB

  • Sample

    240508-b6fmlsef27

  • MD5

    99c1e668a3a66c8f50bb8a82732dc0e0

  • SHA1

    9fe1828397dc620a230489f8ae2b6777702ee445

  • SHA256

    cbf8f2acc34ea14921d1eea9ace5d4210dd2dcefd88b6fafae703f534b0c754c

  • SHA512

    597b19a2092152f2f080a173f14a9268492eb687000e16ee6cd27cdbf24f07856133a0f6c5c96ed1251a6079c7b4d3534030ae41ad696a833e8ea1099e2ebe10

  • SSDEEP

    6144:TSp0yN90QE7e3WMGsXtK5mejEpm4uIXI9OtSQ6jAvCGswLvQ9ly6p2:vy90wGjsX+m0EXuMVCGswjSw/

Targets

    • Detects Healer an antivirus disabler dropper

    • Healer

      Healer, an antivirus disabler dropper.

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Windows security modification

    • Adds Run key to start application
