Overview

overview

7

Static

static

7

029fa9bd4b...KI.exe

windows7-x64

7

029fa9bd4b...KI.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    029fa9bd4b574623a93390a908ab46d0_NEIKI

  • Size

    1.3MB

  • Sample

    240508-v2fllafa9v

  • MD5

    029fa9bd4b574623a93390a908ab46d0

  • SHA1

    72bc9a85ae2ea43e9c78f3713f58a8370abecd35

  • SHA256

    ddd45351e05ed1360985bef4ed14f558596b5521cacb9d24046549a2cdc2e01d

  • SHA512

    979f539f377513207eaf58838391d6cafe5ae5fd595e299104574d91311965b210b6f4afa028dea7a82edce1e5bdbeaf5df4da96e74afbe75fbfe76f6a85f7a6

  • SSDEEP

    24576:zq2RXvNDXDLU+JyxAdkO8syl7UDD6+K7jHxUuzXSAaEVjjyGweVl8zN/ME1:zqOfNDTLUe6+LyNUvS7L7SAvwhpRB1

Score
7/10
evasionupx

Malware Config

Targets

    • Target

      029fa9bd4b574623a93390a908ab46d0_NEIKI

    • Size

      1.3MB

    • MD5

      029fa9bd4b574623a93390a908ab46d0

    • SHA1

      72bc9a85ae2ea43e9c78f3713f58a8370abecd35

    • SHA256

      ddd45351e05ed1360985bef4ed14f558596b5521cacb9d24046549a2cdc2e01d

    • SHA512

      979f539f377513207eaf58838391d6cafe5ae5fd595e299104574d91311965b210b6f4afa028dea7a82edce1e5bdbeaf5df4da96e74afbe75fbfe76f6a85f7a6

    • SSDEEP

      24576:zq2RXvNDXDLU+JyxAdkO8syl7UDD6+K7jHxUuzXSAaEVjjyGweVl8zN/ME1:zqOfNDTLUe6+LyNUvS7L7SAvwhpRB1

    Score
    7/10
    evasionupx

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.

      evasion

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks