aab6ecbea3905f68dee3285768cdb3a7ce7e9085f702c4150b144d7adc496859 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

60cd38153cb9e71dd3cc73d8960302d0_NEIKI
Size

275KB
Sample

240508-mehtfaab82
MD5

60cd38153cb9e71dd3cc73d8960302d0
SHA1

bf6d258f8f44d6ca2c5c09a5fa7dac2e09dc8d61
SHA256

aab6ecbea3905f68dee3285768cdb3a7ce7e9085f702c4150b144d7adc496859
SHA512

7464fb5f2e30ee49d9ffc7fdbc6df72895347631f3d52cb03737ea9904b9240f01b2de85fdf419f2ee2d7bd6ed04421e211ea84236d48825355ec32eb2a82c6a
SSDEEP

6144:3pE9sgzL2V4cpC0L4AY7YWT63cpC0L4f:ZEnL2/p9i7drp9S

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  60cd38153cb9e71dd3cc73d8960302d0_NEIKI
- Size
  
  275KB
- MD5
  
  60cd38153cb9e71dd3cc73d8960302d0
- SHA1
  
  bf6d258f8f44d6ca2c5c09a5fa7dac2e09dc8d61
- SHA256
  
  aab6ecbea3905f68dee3285768cdb3a7ce7e9085f702c4150b144d7adc496859
- SHA512
  
  7464fb5f2e30ee49d9ffc7fdbc6df72895347631f3d52cb03737ea9904b9240f01b2de85fdf419f2ee2d7bd6ed04421e211ea84236d48825355ec32eb2a82c6a
- SSDEEP
  
  6144:3pE9sgzL2V4cpC0L4AY7YWT63cpC0L4f:ZEnL2/p9i7drp9S
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2