0ae7b1a3b2775bc8c1a521982f49a594d94df2410c868b9b820e0e600a7c4873 | Triage

Sharing

General

Target

a29a8d0bcf2e989b9f2df9b5023804e0_NEIKI
Size

224KB
Sample

240508-ck5v2sdb51
MD5

a29a8d0bcf2e989b9f2df9b5023804e0
SHA1

c4c193452460fa11b257368387e29e37bcfa0e86
SHA256

0ae7b1a3b2775bc8c1a521982f49a594d94df2410c868b9b820e0e600a7c4873
SHA512

e817df28e1bfa286ee469f94942efe3f542f33df3f9097aff6f7032506c7db96a21411a70af6bf5f28a3f198a90d62f735a35cdadf04e5efa09d2752709550bc
SSDEEP

3072:pYfWjeyCoVjIuYUvIMDrFDHZtOgxBOXXwwfBoD6N3h8N5G2qVUDrFDHZtOgtSU:pYmthB4s5tTDUZNSN58VU5tTtf

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  a29a8d0bcf2e989b9f2df9b5023804e0_NEIKI
- Size
  
  224KB
- MD5
  
  a29a8d0bcf2e989b9f2df9b5023804e0
- SHA1
  
  c4c193452460fa11b257368387e29e37bcfa0e86
- SHA256
  
  0ae7b1a3b2775bc8c1a521982f49a594d94df2410c868b9b820e0e600a7c4873
- SHA512
  
  e817df28e1bfa286ee469f94942efe3f542f33df3f9097aff6f7032506c7db96a21411a70af6bf5f28a3f198a90d62f735a35cdadf04e5efa09d2752709550bc
- SSDEEP
  
  3072:pYfWjeyCoVjIuYUvIMDrFDHZtOgxBOXXwwfBoD6N3h8N5G2qVUDrFDHZtOgtSU:pYmthB4s5tTDUZNSN58VU5tTtf
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2