fd8544a1ed74e9422dbfe13e8b3950282f643b4387001c001c745a0e7c9425d7 | Triage

Sharing

General

Target

c91ec0f85df3988db8409bf514054130_NEIKI
Size

173KB
Sample

240508-eq9sasce94
MD5

c91ec0f85df3988db8409bf514054130
SHA1

9b3cb02acc52c2e19f5cd86c5b9e9296077fff39
SHA256

fd8544a1ed74e9422dbfe13e8b3950282f643b4387001c001c745a0e7c9425d7
SHA512

82c52c5f545e7f3a8d25fa3a5b34319f932cc87e993e68acaf8e4208176fdcd0c0c25374472dc2702b4ed21439d60ee74b18f7491ab8e7a2a43d2a5bb06c1c0d
SSDEEP

3072:9NFz6CS7iJDgpZQjZNGH0HwVaD1i/MwGsGnDc9nhVizLrRo6+:nFz6CXJDgvQjZNs/VKi/MwGsmLrRo6+

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  c91ec0f85df3988db8409bf514054130_NEIKI
- Size
  
  173KB
- MD5
  
  c91ec0f85df3988db8409bf514054130
- SHA1
  
  9b3cb02acc52c2e19f5cd86c5b9e9296077fff39
- SHA256
  
  fd8544a1ed74e9422dbfe13e8b3950282f643b4387001c001c745a0e7c9425d7
- SHA512
  
  82c52c5f545e7f3a8d25fa3a5b34319f932cc87e993e68acaf8e4208176fdcd0c0c25374472dc2702b4ed21439d60ee74b18f7491ab8e7a2a43d2a5bb06c1c0d
- SSDEEP
  
  3072:9NFz6CS7iJDgpZQjZNGH0HwVaD1i/MwGsGnDc9nhVizLrRo6+:nFz6CXJDgvQjZNs/VKi/MwGsmLrRo6+
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2