ad36114bf680bee0f9d27b014d06e36921c3e3e97eb5e608d04aceb14a1869d3 | Triage

Sharing

General

Target

ef213d2fdd894791136546f5e00163c0_NEIKI
Size

322KB
Sample

240508-gsr2daed3w
MD5

ef213d2fdd894791136546f5e00163c0
SHA1

a9858e0b9b38a284cca120ce4de0cff7ff758f76
SHA256

ad36114bf680bee0f9d27b014d06e36921c3e3e97eb5e608d04aceb14a1869d3
SHA512

d2bd409e3e9e8b1914a28a471f63137270d353494fb152e0a7ec589a3335f81b0ae6830696e910117d5a9767325c7e27c342666cb735fd3bb5093a42749f0f2b
SSDEEP

1536:uPIH95aGSpO7FU5M9NdWpskcIz5RQKTmDhdF+PhJFTq1dlCsTx4LB:uPIHPaGSw759+pYeeKSVGZ3Odl

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  ef213d2fdd894791136546f5e00163c0_NEIKI
- Size
  
  322KB
- MD5
  
  ef213d2fdd894791136546f5e00163c0
- SHA1
  
  a9858e0b9b38a284cca120ce4de0cff7ff758f76
- SHA256
  
  ad36114bf680bee0f9d27b014d06e36921c3e3e97eb5e608d04aceb14a1869d3
- SHA512
  
  d2bd409e3e9e8b1914a28a471f63137270d353494fb152e0a7ec589a3335f81b0ae6830696e910117d5a9767325c7e27c342666cb735fd3bb5093a42749f0f2b
- SSDEEP
  
  1536:uPIH95aGSpO7FU5M9NdWpskcIz5RQKTmDhdF+PhJFTq1dlCsTx4LB:uPIHPaGSw759+pYeeKSVGZ3Odl
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2