52626b961bd3f6903b55b10753ca9a7a76d29be6eefe8eededa6543f44a51f5a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

071dafa638b8910f4256beaf9c8a5170_NEIKI
Size

285KB
Sample

240508-wdkfbaac83
MD5

071dafa638b8910f4256beaf9c8a5170
SHA1

dc8da4b0eb48d6d32b6d5618f433508e92556696
SHA256

52626b961bd3f6903b55b10753ca9a7a76d29be6eefe8eededa6543f44a51f5a
SHA512

1ef8b793f09a91a4ce4c643a0a1431d6175e8f6ffae9638e3f7268c6750954fb252519608df3cfc60fbef1e643ddffbc2a90f102a136372dd49d1b9e03c66a1d
SSDEEP

3072:otkAG2UeRE4wX5bceQKVcbMloVRr3uMg0kAqSxYiJ2QM4GKch:gE4wpbXQKQIoi7tWa

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  071dafa638b8910f4256beaf9c8a5170_NEIKI
- Size
  
  285KB
- MD5
  
  071dafa638b8910f4256beaf9c8a5170
- SHA1
  
  dc8da4b0eb48d6d32b6d5618f433508e92556696
- SHA256
  
  52626b961bd3f6903b55b10753ca9a7a76d29be6eefe8eededa6543f44a51f5a
- SHA512
  
  1ef8b793f09a91a4ce4c643a0a1431d6175e8f6ffae9638e3f7268c6750954fb252519608df3cfc60fbef1e643ddffbc2a90f102a136372dd49d1b9e03c66a1d
- SSDEEP
  
  3072:otkAG2UeRE4wX5bceQKVcbMloVRr3uMg0kAqSxYiJ2QM4GKch:gE4wpbXQKQIoi7tWa
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2