f0d72701d93e4e72d2f7ad39e95a116e7b9c1e8192624c6a7ecb75659d029337 | Triage

Sharing

General

Target

c5203e5a3fcaf573f4b69f3639bb3160_NEIKI
Size

224KB
Sample

240509-b9jtfabh2y
MD5

c5203e5a3fcaf573f4b69f3639bb3160
SHA1

5f5448af97c168107ec46dbf488d8ab0c2d2cbb0
SHA256

f0d72701d93e4e72d2f7ad39e95a116e7b9c1e8192624c6a7ecb75659d029337
SHA512

5d7a060d48b2d53a1effd42afdbacde02884ee3822fbb9cf8de8b099d3ea65d04ffd3dcf60987c635275d487f657ff2d437f95a3b667369caffa7ec445617f8e
SSDEEP

3072:FC3OJFe11KjF4q9IuYUvIMDrFDHZtOgxBOXXwwfBoD6N3h8N5G2qVUDrFDHZtOgt:TJFe1Ayo4s5tTDUZNSN58VU5tTtf

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  c5203e5a3fcaf573f4b69f3639bb3160_NEIKI
- Size
  
  224KB
- MD5
  
  c5203e5a3fcaf573f4b69f3639bb3160
- SHA1
  
  5f5448af97c168107ec46dbf488d8ab0c2d2cbb0
- SHA256
  
  f0d72701d93e4e72d2f7ad39e95a116e7b9c1e8192624c6a7ecb75659d029337
- SHA512
  
  5d7a060d48b2d53a1effd42afdbacde02884ee3822fbb9cf8de8b099d3ea65d04ffd3dcf60987c635275d487f657ff2d437f95a3b667369caffa7ec445617f8e
- SSDEEP
  
  3072:FC3OJFe11KjF4q9IuYUvIMDrFDHZtOgxBOXXwwfBoD6N3h8N5G2qVUDrFDHZtOgt:TJFe1Ayo4s5tTDUZNSN58VU5tTtf
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2