e6cad63dc4450528204c7d9ca0bfd333557ef6f27f38b7c855eba609ebbbe4fc | Triage

Sharing

General

Target

3edbc5bec2e6dea34e8386f9ed048ba0_NEIKI
Size

89KB
Sample

240508-k6cqdsda71
MD5

3edbc5bec2e6dea34e8386f9ed048ba0
SHA1

ca1f3159b997dd4008ba00d098aa5ee2b859d9ba
SHA256

e6cad63dc4450528204c7d9ca0bfd333557ef6f27f38b7c855eba609ebbbe4fc
SHA512

028da8f3c25e9f92a837f88e0342393cfc11b6c54b0e118167ddc86fb2defc587dbcaf24c6b571954177f8d7c0b2e6502114659b28597453ac7318e3fa552805
SSDEEP

1536:cnhJXf6tYN6TNiFfeO3gdAj+M8z0+RRwwfGHaYY37jDLedcRlExkg8F:u3v6tg6sFftgyjs/wwcar4cRlakgw

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  3edbc5bec2e6dea34e8386f9ed048ba0_NEIKI
- Size
  
  89KB
- MD5
  
  3edbc5bec2e6dea34e8386f9ed048ba0
- SHA1
  
  ca1f3159b997dd4008ba00d098aa5ee2b859d9ba
- SHA256
  
  e6cad63dc4450528204c7d9ca0bfd333557ef6f27f38b7c855eba609ebbbe4fc
- SHA512
  
  028da8f3c25e9f92a837f88e0342393cfc11b6c54b0e118167ddc86fb2defc587dbcaf24c6b571954177f8d7c0b2e6502114659b28597453ac7318e3fa552805
- SSDEEP
  
  1536:cnhJXf6tYN6TNiFfeO3gdAj+M8z0+RRwwfGHaYY37jDLedcRlExkg8F:u3v6tg6sFftgyjs/wwcar4cRlakgw
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2