96b23abfb06f671f916703f1b0d80cdbefd7d2561e72bcef2f33db2098332434 | Triage

Sharing

General

Target

37fd006101df5edf5fb3e3ac2783a790_NEIKI
Size

360KB
Sample

240508-yzzs8sfh67
MD5

37fd006101df5edf5fb3e3ac2783a790
SHA1

997149f34c9034f922c14c642c90e65e2a0c0a75
SHA256

96b23abfb06f671f916703f1b0d80cdbefd7d2561e72bcef2f33db2098332434
SHA512

01c75460e78f3afb4eeef4269b3e433a01efb8e8832aef788b29557e1a8e59a3dbd0b082134fd7d8554c91c85dae5058a67238661812758665492232ba28316c
SSDEEP

3072:Jwm326M6Ye/nIcqIOOJF4EISi/i4gG4nTxGkIs6CO:Jf3Cpe/Icl4yjTAkOCO

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  37fd006101df5edf5fb3e3ac2783a790_NEIKI
- Size
  
  360KB
- MD5
  
  37fd006101df5edf5fb3e3ac2783a790
- SHA1
  
  997149f34c9034f922c14c642c90e65e2a0c0a75
- SHA256
  
  96b23abfb06f671f916703f1b0d80cdbefd7d2561e72bcef2f33db2098332434
- SHA512
  
  01c75460e78f3afb4eeef4269b3e433a01efb8e8832aef788b29557e1a8e59a3dbd0b082134fd7d8554c91c85dae5058a67238661812758665492232ba28316c
- SSDEEP
  
  3072:Jwm326M6Ye/nIcqIOOJF4EISi/i4gG4nTxGkIs6CO:Jf3Cpe/Icl4yjTAkOCO
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2