15d12423c9be2048f59891ac4693dce54d47dbe5a1dfe37fb2a8c733419ec4cc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f920a3c24d7172e4512ec446b4683120_NEIKI
Size

180KB
Sample

240508-hbm7jaaa64
MD5

f920a3c24d7172e4512ec446b4683120
SHA1

e812e356f3bddd20566c6a337b12e4d13e29fed5
SHA256

15d12423c9be2048f59891ac4693dce54d47dbe5a1dfe37fb2a8c733419ec4cc
SHA512

dcdd83ed883ab75e06fe47a20e3332cf3a529d8e22cb4995c4eb7044a1927762728dab72fc29c9776b196e5c4ea42023855808c4c4e936d2e3a3eca921e4fffe
SSDEEP

3072:VR6+wfHK3haautzVOvSzDFiLa6miE6Wj4/glEeqZYLtLw32NX/qs/YTJv1tFk+F+:VRXgKzutZGSzhiLLdE6D/gaeFq32NX/F

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  f920a3c24d7172e4512ec446b4683120_NEIKI
- Size
  
  180KB
- MD5
  
  f920a3c24d7172e4512ec446b4683120
- SHA1
  
  e812e356f3bddd20566c6a337b12e4d13e29fed5
- SHA256
  
  15d12423c9be2048f59891ac4693dce54d47dbe5a1dfe37fb2a8c733419ec4cc
- SHA512
  
  dcdd83ed883ab75e06fe47a20e3332cf3a529d8e22cb4995c4eb7044a1927762728dab72fc29c9776b196e5c4ea42023855808c4c4e936d2e3a3eca921e4fffe
- SSDEEP
  
  3072:VR6+wfHK3haautzVOvSzDFiLa6miE6Wj4/glEeqZYLtLw32NX/qs/YTJv1tFk+F+:VRXgKzutZGSzhiLLdE6D/gaeFq32NX/F
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2