General
-
Target
db17b899dfff125c225762104a420320_NEIKI
-
Size
70KB
-
Sample
240508-rwvlsabd94
-
MD5
db17b899dfff125c225762104a420320
-
SHA1
588bb328f2c726609f2d93adec8244213e82f538
-
SHA256
2bfe1dde9aab799451338024fa4d67809ef18dc53bea1981a3b8eb9a7865b7fa
-
SHA512
4bdb621fe382777a26a50c0d63b8a48abdd4d1de445007662a31e17253f143e4a3cd86b72d7596b1d1a5e1f75571679f1d6299332b76b0243207cbc8e4c82a71
-
SSDEEP
1536:1teqKDlXvCDB04f5Gn/L8FlADNt3d1Hw8J:Olg35GTslA5t3/w8J
Malware Config
Targets
-
-
Target
db17b899dfff125c225762104a420320_NEIKI
-
Size
70KB
-
MD5
db17b899dfff125c225762104a420320
-
SHA1
588bb328f2c726609f2d93adec8244213e82f538
-
SHA256
2bfe1dde9aab799451338024fa4d67809ef18dc53bea1981a3b8eb9a7865b7fa
-
SHA512
4bdb621fe382777a26a50c0d63b8a48abdd4d1de445007662a31e17253f143e4a3cd86b72d7596b1d1a5e1f75571679f1d6299332b76b0243207cbc8e4c82a71
-
SSDEEP
1536:1teqKDlXvCDB04f5Gn/L8FlADNt3d1Hw8J:Olg35GTslA5t3/w8J
Score10/10-
Windows security bypass
-
Modifies Installed Components in the registry
-
Sets file execution options in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Windows security modification
-
Modifies WinLogon
-
Drops file in System32 directory
-