11735a7e0e268558e47bf5d293871c6795a1d1247b13bffd873ce1c0fb80653a | Triage

Sharing

General

Target

e59fb9d9b25e0a06913643c7bd250cf0_NEIKI
Size

96KB
Sample

240508-shh69sac4w
MD5

e59fb9d9b25e0a06913643c7bd250cf0
SHA1

afcbd96ecc4967c3d816b087a3c8f96faf19f61b
SHA256

11735a7e0e268558e47bf5d293871c6795a1d1247b13bffd873ce1c0fb80653a
SHA512

aa788c5433b587fe8b4900ec085ce93d6c4403bb63c93c5b28b93c1b79b5272d5bf7c1d9a82b11bde6f5c6d7d99b3ad36e6d5ab6a6bfb671608b23ff5c36adf0
SSDEEP

1536:niLmXp7nub4tuTgC3kUYEA62DhyXz1zs9UAIwmdbStZPduV9jojTIvjrH:nNU4sTVHKyDpmUWWStZPd69jc0vf

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  e59fb9d9b25e0a06913643c7bd250cf0_NEIKI
- Size
  
  96KB
- MD5
  
  e59fb9d9b25e0a06913643c7bd250cf0
- SHA1
  
  afcbd96ecc4967c3d816b087a3c8f96faf19f61b
- SHA256
  
  11735a7e0e268558e47bf5d293871c6795a1d1247b13bffd873ce1c0fb80653a
- SHA512
  
  aa788c5433b587fe8b4900ec085ce93d6c4403bb63c93c5b28b93c1b79b5272d5bf7c1d9a82b11bde6f5c6d7d99b3ad36e6d5ab6a6bfb671608b23ff5c36adf0
- SSDEEP
  
  1536:niLmXp7nub4tuTgC3kUYEA62DhyXz1zs9UAIwmdbStZPduV9jojTIvjrH:nNU4sTVHKyDpmUWWStZPd69jc0vf
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2