b3156448de0a7c6b6be19750c5259d1cf0557e7e3ff1b7bc60f89333c93f798f | Triage

Sharing

General

Target

00cbc673ba3b5a997b5e6d4558302610_NEIKI
Size

124KB
Sample

240508-hx9yesba52
MD5

00cbc673ba3b5a997b5e6d4558302610
SHA1

7406acd39240f183e84089781346957c76be8a91
SHA256

b3156448de0a7c6b6be19750c5259d1cf0557e7e3ff1b7bc60f89333c93f798f
SHA512

40a7c7180b36f8ab75c88c5ec7dc6f8f0e411a11b40b588cc7d5c54d8dfdb026225761bb699ae81f92acbce3e467280fc9bf0198b63bfca17689a7d7ccd8a5e5
SSDEEP

3072:in7ZquS+vFRRRRRRRCa0j6+JB8M6m9jqLsFmsr:UZqJ+GZj6MB8Mhjwszr

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  00cbc673ba3b5a997b5e6d4558302610_NEIKI
- Size
  
  124KB
- MD5
  
  00cbc673ba3b5a997b5e6d4558302610
- SHA1
  
  7406acd39240f183e84089781346957c76be8a91
- SHA256
  
  b3156448de0a7c6b6be19750c5259d1cf0557e7e3ff1b7bc60f89333c93f798f
- SHA512
  
  40a7c7180b36f8ab75c88c5ec7dc6f8f0e411a11b40b588cc7d5c54d8dfdb026225761bb699ae81f92acbce3e467280fc9bf0198b63bfca17689a7d7ccd8a5e5
- SSDEEP
  
  3072:in7ZquS+vFRRRRRRRCa0j6+JB8M6m9jqLsFmsr:UZqJ+GZj6MB8Mhjwszr
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2