5109349d132fa0f5747e48f6fdcd412c69f1cf675fec88e19e74ad9755922b80 | Triage

Submit
Reports

Overview

overview

Static

static

7

ddb3b28379...KI.exe

windows7-x64

ddb3b28379...KI.exe

windows10-2004-x64

Sharing

General

Target

ddb3b2837980862d7962172bc89c24f0_NEIKI
Size

347KB
Sample

240508-fvdq4afa72
MD5

ddb3b2837980862d7962172bc89c24f0
SHA1

96746c72536004f31f11ed1cb0ca3bf248c61952
SHA256

5109349d132fa0f5747e48f6fdcd412c69f1cf675fec88e19e74ad9755922b80
SHA512

5dd8398463fbc3087a459afc539b842287798dde9f9ddef067c2052cca91ce43d64b03d6e5e9a4c1d08c77f455ac630140309aadbad468fe73f9865d7341c63a
SSDEEP

6144:8uIlWqB+ihabs7Ch9KwyF5LeLodp2D1Mmakda0qLqIYhuIlWqB+E:X6Wq4aaE6KwyF5L0Y2D1PqLb6Wq4E

Score

10^/10

evasion upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

ddb3b2837980862d7962172bc89c24f0_NEIKI.exe

Resource

win7-20240221-en

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

ddb3b2837980862d7962172bc89c24f0_NEIKI.exe

Resource

win10v2004-20240419-en

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  ddb3b2837980862d7962172bc89c24f0_NEIKI
- Size
  
  347KB
- MD5
  
  ddb3b2837980862d7962172bc89c24f0
- SHA1
  
  96746c72536004f31f11ed1cb0ca3bf248c61952
- SHA256
  
  5109349d132fa0f5747e48f6fdcd412c69f1cf675fec88e19e74ad9755922b80
- SHA512
  
  5dd8398463fbc3087a459afc539b842287798dde9f9ddef067c2052cca91ce43d64b03d6e5e9a4c1d08c77f455ac630140309aadbad468fe73f9865d7341c63a
- SSDEEP
  
  6144:8uIlWqB+ihabs7Ch9KwyF5LeLodp2D1Mmakda0qLqIYhuIlWqB+E:X6Wq4aaE6KwyF5L0Y2D1PqLb6Wq4E
Score

10^/10

evasion upx
- Modifies visibility of file extensions in Explorer
  evasion
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy