b809aa3bf38ab8454da64ef2158a542a751cd6ec3d29422b5f93163f5877b86b | Triage

Sharing

General

Target

d706e4fe709747617a60c389d48f26c0_NEIKI
Size

98KB
Sample

240508-rh1kwagd8s
MD5

d706e4fe709747617a60c389d48f26c0
SHA1

66c430f986b33a294605107dd5dbd259d5ac2f41
SHA256

b809aa3bf38ab8454da64ef2158a542a751cd6ec3d29422b5f93163f5877b86b
SHA512

5b7deaf29292281e995fe9fc571dff2ca194db0b0b900a9c4be14c065004d1f3e5e7cfb8ffa521ca6f181e983df7ec0daa766ddbde597cf153329ff9cbed8ce9
SSDEEP

3072:3ODWDKnIl8G8TMhC3vUE9eFKPD375lHzpa1P:eDWDKnSmaC38E9eYr75lHzpaF

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  d706e4fe709747617a60c389d48f26c0_NEIKI
- Size
  
  98KB
- MD5
  
  d706e4fe709747617a60c389d48f26c0
- SHA1
  
  66c430f986b33a294605107dd5dbd259d5ac2f41
- SHA256
  
  b809aa3bf38ab8454da64ef2158a542a751cd6ec3d29422b5f93163f5877b86b
- SHA512
  
  5b7deaf29292281e995fe9fc571dff2ca194db0b0b900a9c4be14c065004d1f3e5e7cfb8ffa521ca6f181e983df7ec0daa766ddbde597cf153329ff9cbed8ce9
- SSDEEP
  
  3072:3ODWDKnIl8G8TMhC3vUE9eFKPD375lHzpa1P:eDWDKnSmaC38E9eYr75lHzpaF
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2