5cbd208cda9350b3ac05a0ac7567e330403376a016e47056a1570ba6e4a483d2 | Triage

Sharing

General

Target

5cfd9544d4c9dc4e8a0666dd342463f0_NEIKI
Size

176KB
Sample

240508-l9m6zafd21
MD5

5cfd9544d4c9dc4e8a0666dd342463f0
SHA1

8ee5430e0907e59512e6eb80491276baad2af549
SHA256

5cbd208cda9350b3ac05a0ac7567e330403376a016e47056a1570ba6e4a483d2
SHA512

a02d27df5f44ccfb5d36be2ae3afd921d9560696a72c0e471bc2fbd649658739824ca76b503143b247a6a1b02e2e93284f006743e9ad8bf1da6da91e254c697f
SSDEEP

3072:6bG7N2kDTHUpouFGaZpO2a1ZqkdWWceM4bJ1etPzy5n+/mGCKGjI:6bE/HU9PHa14+lbXetry5nmyjI

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  5cfd9544d4c9dc4e8a0666dd342463f0_NEIKI
- Size
  
  176KB
- MD5
  
  5cfd9544d4c9dc4e8a0666dd342463f0
- SHA1
  
  8ee5430e0907e59512e6eb80491276baad2af549
- SHA256
  
  5cbd208cda9350b3ac05a0ac7567e330403376a016e47056a1570ba6e4a483d2
- SHA512
  
  a02d27df5f44ccfb5d36be2ae3afd921d9560696a72c0e471bc2fbd649658739824ca76b503143b247a6a1b02e2e93284f006743e9ad8bf1da6da91e254c697f
- SSDEEP
  
  3072:6bG7N2kDTHUpouFGaZpO2a1ZqkdWWceM4bJ1etPzy5n+/mGCKGjI:6bE/HU9PHa14+lbXetry5nmyjI
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  cff85c549d536f651d4fb8387f1976f2
- SHA1
  
  d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e
- SHA256
  
  8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8
- SHA512
  
  531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88
- SSDEEP
  
  192:Zjvco0qWTlt70m5Aj/lQ0sEWD/wtYbBHFNaDybC7y+XBz0QPi:FHQlt70mij/lQRv/9VMjzr
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/inetc.dll
- Size
  
  38KB
- MD5
  
  a35cdc9cf1d17216c0ab8c5282488ead
- SHA1
  
  ed8e8091a924343ad8791d85e2733c14839f0d36
- SHA256
  
  a793929232afb78b1c5b2f45d82094098bcf01523159fad1032147d8d5f9c4df
- SHA512
  
  0f15b00d0bf2aabd194302e599d69962147b4b3ef99e5a5f8d5797a7a56fd75dd9db0a667cfba9c758e6f0dab9ced126a9b43948935fe37fc31d96278a842bdf
- SSDEEP
  
  384:njt65uI9oYzcCaHjl9Cb4I1f0AGhrHXoREnRxtIpH/u0abJ2v2DW9O9tk8ZwkpwD:noHtNQoRSIwTJB6Q/kPyBp6
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  6c3f8c94d0727894d706940a8a980543
- SHA1
  
  0d1bcad901be377f38d579aafc0c41c0ef8dcefd
- SHA256
  
  56b96add1978b1abba286f7f8982b0efbe007d4a48b3ded6a4d408e01d753fe2
- SHA512
  
  2094f0e4bb7c806a5ff27f83a1d572a5512d979eefda3345baff27d2c89e828f68466d08c3ca250da11b01fc0407a21743037c25e94fbe688566dd7deaebd355
- SSDEEP
  
  96:o0svUu3Uy+sytcS8176b+XR8pCHFcMcxSgB5PKtAtgt+Nt+rnt3DVEB3YcNqkzfS:o0svWyNO81b8pCHFcM0PuAgkOyuIFc
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/nsJSON.dll
- Size
  
  23KB
- MD5
  
  f4d89d9a2a3e2f164aea3e93864905c9
- SHA1
  
  4d4e05ee5e4e77a0631a3dd064c171ba2e227d4a
- SHA256
  
  64b3efdf3de54e338d4db96b549a7bdb7237bb88a82a0a63aef570327a78a6fb
- SHA512
  
  dbda3fe7ca22c23d2d0f2a5d9d415a96112e2965081582c7a42c139a55c5d861a27f0bd919504de4f82c59cf7d1b97f95ed5a55e87d574635afdb7eb2d8cadf2
- SSDEEP
  
  384:n7U5CiIZ1ZC2RvhrTfldNuwQ5pk+BISivMyyOgqCoRUj+OvHxOuofnykhVQJrTU:YoZ1ZnhrTfldqk7Yyy94RxOcVQJrT
Score

3^/10
behavioral10 behavioral9

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10