0599ffbd34a02cd32ffb107cf46e368f8eed5dcc4e8377235de775f2da8ecfa8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e3edd433ce4abc787543ff96dd926790_NEIKI
Size

124KB
Sample

240508-r8xlxacc23
MD5

e3edd433ce4abc787543ff96dd926790
SHA1

2d129d002135b7a3cb887a8b7f4d7c2c29ea357b
SHA256

0599ffbd34a02cd32ffb107cf46e368f8eed5dcc4e8377235de775f2da8ecfa8
SHA512

10ee4f0d10015b3ddad5b5d8de2c6dd87c8d7c90a0be78e2d9b06aed91cc8adf5aaf03de7cef6cb379f6fdefb7118c5c26296637b78e5f1b71cf4d4001df3598
SSDEEP

3072:hRUN0n/l5IhItrUmoIpd0hj6+JB8M6m9jqLsFmsr:S03SItr3n0hj6MB8Mhjwszr

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  e3edd433ce4abc787543ff96dd926790_NEIKI
- Size
  
  124KB
- MD5
  
  e3edd433ce4abc787543ff96dd926790
- SHA1
  
  2d129d002135b7a3cb887a8b7f4d7c2c29ea357b
- SHA256
  
  0599ffbd34a02cd32ffb107cf46e368f8eed5dcc4e8377235de775f2da8ecfa8
- SHA512
  
  10ee4f0d10015b3ddad5b5d8de2c6dd87c8d7c90a0be78e2d9b06aed91cc8adf5aaf03de7cef6cb379f6fdefb7118c5c26296637b78e5f1b71cf4d4001df3598
- SSDEEP
  
  3072:hRUN0n/l5IhItrUmoIpd0hj6+JB8M6m9jqLsFmsr:S03SItr3n0hj6MB8Mhjwszr
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2