General
-
Target
c0e880ed6a7a0c1c7732b43ce41c7990_NEIKI
-
Size
70KB
-
Sample
240508-qlrlpsgh84
-
MD5
c0e880ed6a7a0c1c7732b43ce41c7990
-
SHA1
b90d69cdc6df9532c7e58d86e1689a9ddca211b4
-
SHA256
32b9e02eaa6c2e3456e8d1553a883448ed95fd658435cd218c9183342c37a9bf
-
SHA512
cf9e873baaa5813952bd0b85be9684b579e01d8c44916efa4910d7d8426ea464b3b3996f09650f3eada2dbbd2b2459eb3c3461115b2decd17e1d85de402c1f15
-
SSDEEP
1536:1teqKDlXvCDB04f5Gn/L8FlADNt3d1Hw8i:Olg35GTslA5t3/w8i
Malware Config
Targets
-
-
Target
c0e880ed6a7a0c1c7732b43ce41c7990_NEIKI
-
Size
70KB
-
MD5
c0e880ed6a7a0c1c7732b43ce41c7990
-
SHA1
b90d69cdc6df9532c7e58d86e1689a9ddca211b4
-
SHA256
32b9e02eaa6c2e3456e8d1553a883448ed95fd658435cd218c9183342c37a9bf
-
SHA512
cf9e873baaa5813952bd0b85be9684b579e01d8c44916efa4910d7d8426ea464b3b3996f09650f3eada2dbbd2b2459eb3c3461115b2decd17e1d85de402c1f15
-
SSDEEP
1536:1teqKDlXvCDB04f5Gn/L8FlADNt3d1Hw8i:Olg35GTslA5t3/w8i
Score10/10-
Windows security bypass
-
Modifies Installed Components in the registry
-
Sets file execution options in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Windows security modification
-
Modifies WinLogon
-
Drops file in System32 directory
-