2d56b315d05702423b2af1d3cdd081dc3267fd8a653f225e44de1670026d1f62 | Triage

Sharing

General

Target

ac298c82a45381fba7eff3a65b158210_NEIKI
Size

2.0MB
Sample

240508-pm82psfa56
MD5

ac298c82a45381fba7eff3a65b158210
SHA1

c07a64cd4b2eb64bf2c4deef6173b335426aa7de
SHA256

2d56b315d05702423b2af1d3cdd081dc3267fd8a653f225e44de1670026d1f62
SHA512

8714fceeb2261277701f09064f9b882ac2ae744a8fe94c8bef4d2990cddbc6e809f6780a2f47a4ab88bd9ac271ea28a26823e0ffeefc0cb6618d15eb4b14cd26
SSDEEP

24576:QkrDh8cBU48eoWou2ep8aB4Sb4OUkufiPQEcYQ7skqHWACximTyST7Aa009oLXGa:9px8eoACSbUBf0sLqHRCx7TpPAa5iR

Score

7^/10

Malware Config

Targets

- Target
  
  ac298c82a45381fba7eff3a65b158210_NEIKI
- Size
  
  2.0MB
- MD5
  
  ac298c82a45381fba7eff3a65b158210
- SHA1
  
  c07a64cd4b2eb64bf2c4deef6173b335426aa7de
- SHA256
  
  2d56b315d05702423b2af1d3cdd081dc3267fd8a653f225e44de1670026d1f62
- SHA512
  
  8714fceeb2261277701f09064f9b882ac2ae744a8fe94c8bef4d2990cddbc6e809f6780a2f47a4ab88bd9ac271ea28a26823e0ffeefc0cb6618d15eb4b14cd26
- SSDEEP
  
  24576:QkrDh8cBU48eoWou2ep8aB4Sb4OUkufiPQEcYQ7skqHWACximTyST7Aa009oLXGa:9px8eoACSbUBf0sLqHRCx7TpPAa5iR
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2