ba350e00b3951290c690715c43d42a71496ae0c6da939168a246001b316e9014 | Triage

Sharing

General

Target

c4c266d800a2d78f025bc0dc82386280_NEIKI
Size

437KB
Sample

240509-b8xnxaed69
MD5

c4c266d800a2d78f025bc0dc82386280
SHA1

abc84fba7f1fa449d448c45c6f22163f5c97a863
SHA256

ba350e00b3951290c690715c43d42a71496ae0c6da939168a246001b316e9014
SHA512

a63fea75ec6cd69e14d0950b32625bc68f68ff6e19bd713043eedb8458472daba42a751f0326f203df7182a2ec7387ca3ee36808062fc654f6171870f8219e42
SSDEEP

6144:W1uuiTWh3gPQ///NR5fLYG3eujPQ///NR5f23HHeMX5mKvok:wfhR/NcZ7/N+HHTX5mKvok

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  c4c266d800a2d78f025bc0dc82386280_NEIKI
- Size
  
  437KB
- MD5
  
  c4c266d800a2d78f025bc0dc82386280
- SHA1
  
  abc84fba7f1fa449d448c45c6f22163f5c97a863
- SHA256
  
  ba350e00b3951290c690715c43d42a71496ae0c6da939168a246001b316e9014
- SHA512
  
  a63fea75ec6cd69e14d0950b32625bc68f68ff6e19bd713043eedb8458472daba42a751f0326f203df7182a2ec7387ca3ee36808062fc654f6171870f8219e42
- SSDEEP
  
  6144:W1uuiTWh3gPQ///NR5fLYG3eujPQ///NR5f23HHeMX5mKvok:wfhR/NcZ7/N+HHTX5mKvok
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2