f598eeb03dab1fde3c346503716d51184a5c913ed3dcdcffcf3841f3d6fbcd29 | Triage

Sharing

General

Target

ae80051e8c602cff7ba03f51f69c4410_NEIKI
Size

55KB
Sample

240508-prmz2acg3t
MD5

ae80051e8c602cff7ba03f51f69c4410
SHA1

07725f519243b575ed7a8e306e90679a7b76723c
SHA256

f598eeb03dab1fde3c346503716d51184a5c913ed3dcdcffcf3841f3d6fbcd29
SHA512

595196402395fab9f104893da1f5b88b3d29a6eda9180336354a4d2596398dc59a429fa00e10e2f0fefb5bc3d4c895f6823136c650abd765ca0f48692708495a
SSDEEP

768:WA+CKBCkVhyISICWPRMoz5SBW1xQuLfzkkGlcD4Jy2AU/SrwM8XJZ/1H5EXdnh:W/XhDSICW/xQuLOHiJrw74

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  ae80051e8c602cff7ba03f51f69c4410_NEIKI
- Size
  
  55KB
- MD5
  
  ae80051e8c602cff7ba03f51f69c4410
- SHA1
  
  07725f519243b575ed7a8e306e90679a7b76723c
- SHA256
  
  f598eeb03dab1fde3c346503716d51184a5c913ed3dcdcffcf3841f3d6fbcd29
- SHA512
  
  595196402395fab9f104893da1f5b88b3d29a6eda9180336354a4d2596398dc59a429fa00e10e2f0fefb5bc3d4c895f6823136c650abd765ca0f48692708495a
- SSDEEP
  
  768:WA+CKBCkVhyISICWPRMoz5SBW1xQuLfzkkGlcD4Jy2AU/SrwM8XJZ/1H5EXdnh:W/XhDSICW/xQuLOHiJrw74
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2