75366e9bc32050c0155160e9720dee47a592ffa5325babac39ed584790ca9229 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

00788a44bfb80a675ec1f1f073f7a980_NEIKI
Size

347KB
Sample

240508-hxpmgsba27
MD5

00788a44bfb80a675ec1f1f073f7a980
SHA1

49680d72d8eed49b661616165420c8057ca52f2a
SHA256

75366e9bc32050c0155160e9720dee47a592ffa5325babac39ed584790ca9229
SHA512

77b05c5bb8addfd904c8ef07b18833da4a2b2bd04c5e0a4d837ff490a1cb70dce59ca0830baf0de9108c58ffb5b51754a4dab126f69ee95d7d3d1a695c6d6bd6
SSDEEP

6144:Yx8pOnPwZUljOsT2Zwo5ix4brq2Ah1FM6234lKm3mo8Yvi4KsLTFM6234lKm3qk9:O8pOIZUljJ2ZwPx4brRGFB24lwR45FBn

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  00788a44bfb80a675ec1f1f073f7a980_NEIKI
- Size
  
  347KB
- MD5
  
  00788a44bfb80a675ec1f1f073f7a980
- SHA1
  
  49680d72d8eed49b661616165420c8057ca52f2a
- SHA256
  
  75366e9bc32050c0155160e9720dee47a592ffa5325babac39ed584790ca9229
- SHA512
  
  77b05c5bb8addfd904c8ef07b18833da4a2b2bd04c5e0a4d837ff490a1cb70dce59ca0830baf0de9108c58ffb5b51754a4dab126f69ee95d7d3d1a695c6d6bd6
- SSDEEP
  
  6144:Yx8pOnPwZUljOsT2Zwo5ix4brq2Ah1FM6234lKm3mo8Yvi4KsLTFM6234lKm3qk9:O8pOIZUljJ2ZwPx4brRGFB24lwR45FBn
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2