8f1440d355423563131859af8dbe5b78dd67efc03702f6723c1f14e228b0ac34 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a02328803fb62c715a02b609d0a3f260_NEIKI
Size

45KB
Sample

240508-cfw3cacg7t
MD5

a02328803fb62c715a02b609d0a3f260
SHA1

e0fb3c5f5a792a47aedd549eba4054ecb9db7bd3
SHA256

8f1440d355423563131859af8dbe5b78dd67efc03702f6723c1f14e228b0ac34
SHA512

e21fd3e520ccec5965e385985f46acf02a3895502e22ee5ab4e7482ac8fbcd7605d93e5d423091342a3cc76cc5c892d84d7995935d14dfe8197933d65b261537
SSDEEP

768:Qf/0k97XQFGJUuLkj4+vuOLPrjNppvhIZiVBjbicEAUheafBK/1H5D:Q59KKUuLT+vuyjNpp2aB3UsmBQF

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  a02328803fb62c715a02b609d0a3f260_NEIKI
- Size
  
  45KB
- MD5
  
  a02328803fb62c715a02b609d0a3f260
- SHA1
  
  e0fb3c5f5a792a47aedd549eba4054ecb9db7bd3
- SHA256
  
  8f1440d355423563131859af8dbe5b78dd67efc03702f6723c1f14e228b0ac34
- SHA512
  
  e21fd3e520ccec5965e385985f46acf02a3895502e22ee5ab4e7482ac8fbcd7605d93e5d423091342a3cc76cc5c892d84d7995935d14dfe8197933d65b261537
- SSDEEP
  
  768:Qf/0k97XQFGJUuLkj4+vuOLPrjNppvhIZiVBjbicEAUheafBK/1H5D:Q59KKUuLT+vuyjNpp2aB3UsmBQF
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2