f71ef496b1c10bce0af8e0563f54193116ef3685d32d0b57f61ad545d7bd81b7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e2297772f1235bae3963d106e06c2ae0_NEIKI
Size

8KB
Sample

240508-f3rb6ach2w
MD5

e2297772f1235bae3963d106e06c2ae0
SHA1

df2eb49c07be0dc41bd75030bd1fd1461aac1f08
SHA256

f71ef496b1c10bce0af8e0563f54193116ef3685d32d0b57f61ad545d7bd81b7
SHA512

ea0324310515cd3f6d7ff4def2ff36ad4df7510917e23e04681f3637e08dc1247cd4cc570e50901cfc8b7a46c7a83af3bcd32ec67f7825caeebec0404bf146dc
SSDEEP

96:ZXv4mUWKh9ctgC1RSO5nKymV44vYArXKbAhD62XKQ8nP8MAO2wyU2wX12LOfBvO1:qmUWKs/F5nKfzvzrXkC6DEUyU2wX/4

Score

7^/10

Malware Config

Targets

- Target
  
  e2297772f1235bae3963d106e06c2ae0_NEIKI
- Size
  
  8KB
- MD5
  
  e2297772f1235bae3963d106e06c2ae0
- SHA1
  
  df2eb49c07be0dc41bd75030bd1fd1461aac1f08
- SHA256
  
  f71ef496b1c10bce0af8e0563f54193116ef3685d32d0b57f61ad545d7bd81b7
- SHA512
  
  ea0324310515cd3f6d7ff4def2ff36ad4df7510917e23e04681f3637e08dc1247cd4cc570e50901cfc8b7a46c7a83af3bcd32ec67f7825caeebec0404bf146dc
- SSDEEP
  
  96:ZXv4mUWKh9ctgC1RSO5nKymV44vYArXKbAhD62XKQ8nP8MAO2wyU2wX12LOfBvO1:qmUWKs/F5nKfzvzrXkC6DEUyU2wX/4
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2