General
-
Target
ec48d3141eafe16821567cd45483de10_NEIKI
-
Size
741KB
-
Sample
240508-gmsqqaea7y
-
MD5
ec48d3141eafe16821567cd45483de10
-
SHA1
bd62c60319a047afd9c4c6e7c2a665666eb22522
-
SHA256
aa7740bdb3fec0575f5c899b3b5a3a4bb8f69a8ec96a4253d9494dcc6265498d
-
SHA512
a5f86544c097a0dc17bd455ce3b1083aca1a5df1a1c4c89ee6a05a514f53346242a49ca4839355ded39e87747eee2822422d3feae7ab35cfc158e35f33e99d1c
-
SSDEEP
12288:ltTuhrf45I8jWtJ8OgL27rd69bk5NCgGhSFB79gYhLIf6EQ9EYcw1FG:lIt4kt0Kd6F6CNzYhUiEWEYcwO
Malware Config
Targets
-
-
Target
ec48d3141eafe16821567cd45483de10_NEIKI
-
Size
741KB
-
MD5
ec48d3141eafe16821567cd45483de10
-
SHA1
bd62c60319a047afd9c4c6e7c2a665666eb22522
-
SHA256
aa7740bdb3fec0575f5c899b3b5a3a4bb8f69a8ec96a4253d9494dcc6265498d
-
SHA512
a5f86544c097a0dc17bd455ce3b1083aca1a5df1a1c4c89ee6a05a514f53346242a49ca4839355ded39e87747eee2822422d3feae7ab35cfc158e35f33e99d1c
-
SSDEEP
12288:ltTuhrf45I8jWtJ8OgL27rd69bk5NCgGhSFB79gYhLIf6EQ9EYcw1FG:lIt4kt0Kd6F6CNzYhUiEWEYcwO
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Scheduled Task/Job
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Scheduled Task/Job
1