516275be5632d4283c598849877d60e353b5057fa775e4eb1e1ae19b67602558 | Triage

Sharing

General

Target

491c45f71414d522857c6acbcdc21410_NEIKI
Size

465KB
Sample

240508-lh3gksgd77
MD5

491c45f71414d522857c6acbcdc21410
SHA1

4565f4599993b85665b5a4bc2d7877919e9562db
SHA256

516275be5632d4283c598849877d60e353b5057fa775e4eb1e1ae19b67602558
SHA512

d08f527aa98b00907dcc279e639248b4ec08c5a214dc4ccc156e62f8b01027c95e3174257a0ad4aa83c5e03af65ea674dc707f798d5ead25725a05b04e1dc7d1
SSDEEP

6144:gqOsEPMeeSTp+STYaT15fq1+EKOCLxuC7Vg6h7VIjUo:3TEfTZTYapU8N5VTVVIj

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  491c45f71414d522857c6acbcdc21410_NEIKI
- Size
  
  465KB
- MD5
  
  491c45f71414d522857c6acbcdc21410
- SHA1
  
  4565f4599993b85665b5a4bc2d7877919e9562db
- SHA256
  
  516275be5632d4283c598849877d60e353b5057fa775e4eb1e1ae19b67602558
- SHA512
  
  d08f527aa98b00907dcc279e639248b4ec08c5a214dc4ccc156e62f8b01027c95e3174257a0ad4aa83c5e03af65ea674dc707f798d5ead25725a05b04e1dc7d1
- SSDEEP
  
  6144:gqOsEPMeeSTp+STYaT15fq1+EKOCLxuC7Vg6h7VIjUo:3TEfTZTYapU8N5VTVVIj
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2