d8ca08c2c4fe5e942a141285a79f4b2f507b8e69cadf6e2589746032822bf642 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

61cc4dcfd56ec94e32320f9193d9f4e0_NEIKI
Size

34KB
Sample

240508-mftbkafg7s
MD5

61cc4dcfd56ec94e32320f9193d9f4e0
SHA1

6a6027730425ad67a0cab7e431ed0b63f68a3810
SHA256

d8ca08c2c4fe5e942a141285a79f4b2f507b8e69cadf6e2589746032822bf642
SHA512

026b31845b0bcd987241be309a04674aa3fa2048adb22fc6b4b573cb7c256a1133c3d1a4374ce0b130f02bb0224c3637d7e4e85150933a4a7fc7e66712e12a8e
SSDEEP

768:bxNQIE0eBhkL2Fo1CCwgfjOg9Arbkzos5Pp7j:bxNrC7kYo1Fxf2rY13

Score

7^/10

Malware Config

Targets

- Target
  
  61cc4dcfd56ec94e32320f9193d9f4e0_NEIKI
- Size
  
  34KB
- MD5
  
  61cc4dcfd56ec94e32320f9193d9f4e0
- SHA1
  
  6a6027730425ad67a0cab7e431ed0b63f68a3810
- SHA256
  
  d8ca08c2c4fe5e942a141285a79f4b2f507b8e69cadf6e2589746032822bf642
- SHA512
  
  026b31845b0bcd987241be309a04674aa3fa2048adb22fc6b4b573cb7c256a1133c3d1a4374ce0b130f02bb0224c3637d7e4e85150933a4a7fc7e66712e12a8e
- SSDEEP
  
  768:bxNQIE0eBhkL2Fo1CCwgfjOg9Arbkzos5Pp7j:bxNrC7kYo1Fxf2rY13
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2