e5950416dd1592df798c14da84e1d6499797058f3e591d55dd4e009eb3c547e9 | Triage

Sharing

General

Target

aab34166a697c318e0bdd4d3144f0870_NEIKI
Size

74KB
Sample

240509-am5a7afh7s
MD5

aab34166a697c318e0bdd4d3144f0870
SHA1

07a837f5c3989c905a4f069dbb507ec40964d62b
SHA256

e5950416dd1592df798c14da84e1d6499797058f3e591d55dd4e009eb3c547e9
SHA512

c2cf3d8662e0059ef0f61ec6de8808038bfb7b54b08b884db8cbe3ee6ae94562ab845af8180e909066a0840edf8afae08356f19e0acdf8711ab491fdf9561619
SSDEEP

1536:ZgzmguW7kd74zuidWIqlj3avvXpbEN3yJafI:Zg6bA3/PHpbQ/I

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  aab34166a697c318e0bdd4d3144f0870_NEIKI
- Size
  
  74KB
- MD5
  
  aab34166a697c318e0bdd4d3144f0870
- SHA1
  
  07a837f5c3989c905a4f069dbb507ec40964d62b
- SHA256
  
  e5950416dd1592df798c14da84e1d6499797058f3e591d55dd4e009eb3c547e9
- SHA512
  
  c2cf3d8662e0059ef0f61ec6de8808038bfb7b54b08b884db8cbe3ee6ae94562ab845af8180e909066a0840edf8afae08356f19e0acdf8711ab491fdf9561619
- SSDEEP
  
  1536:ZgzmguW7kd74zuidWIqlj3avvXpbEN3yJafI:Zg6bA3/PHpbQ/I
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2