846b8af8dbf3a59d1431ca65cd5588a7f1600e6a4215b063fba7b0ffec118b0a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e8b84d6943130e20bf92a7dac7a3ed60_NEIKI
Size

538KB
Sample

240508-gflc3adf5w
MD5

e8b84d6943130e20bf92a7dac7a3ed60
SHA1

b45699eeeac5217834f9b536b267b2711b98bf6a
SHA256

846b8af8dbf3a59d1431ca65cd5588a7f1600e6a4215b063fba7b0ffec118b0a
SHA512

07793f78e8cc82abb2855fce54f4a56ac4c9332ebd25251e5cca954f90ed8659134662e04306774c0867b2aa463375f07dbf1a704cd62c78c449fc72d0d636e7
SSDEEP

12288:wlbg+41gL5pRTcAkS/3hzN8qE43fm78Vi:Wbg+N5jcAkSYqyEi

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  e8b84d6943130e20bf92a7dac7a3ed60_NEIKI
- Size
  
  538KB
- MD5
  
  e8b84d6943130e20bf92a7dac7a3ed60
- SHA1
  
  b45699eeeac5217834f9b536b267b2711b98bf6a
- SHA256
  
  846b8af8dbf3a59d1431ca65cd5588a7f1600e6a4215b063fba7b0ffec118b0a
- SHA512
  
  07793f78e8cc82abb2855fce54f4a56ac4c9332ebd25251e5cca954f90ed8659134662e04306774c0867b2aa463375f07dbf1a704cd62c78c449fc72d0d636e7
- SSDEEP
  
  12288:wlbg+41gL5pRTcAkS/3hzN8qE43fm78Vi:Wbg+N5jcAkSYqyEi
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2