1695524bb4fe1b67e3554e5b35b4b7618fa7016300b0352969e26b1df2f5b957 | Triage

Sharing

General

Target

e0901fb2a796284c0c19d89ffd68d570_NEIKI
Size

72KB
Sample

240509-d45vtsbc27
MD5

e0901fb2a796284c0c19d89ffd68d570
SHA1

bac1139b560e5ec40d700f4199d6560cc518f3f5
SHA256

1695524bb4fe1b67e3554e5b35b4b7618fa7016300b0352969e26b1df2f5b957
SHA512

932b8f716133af3aafcfc3e80f5f12042777a7e4c50c83d40ea8578850bc0970e630984f761dacb1954a2ec84044ac71e96d25b0e7353b95d137dff0fbc62a75
SSDEEP

1536:jM40uLdZQ5UhqO60qYJp083sz7n1yF8z/65m:jMOZc8qO609p0Zz7n1u8T65m

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  e0901fb2a796284c0c19d89ffd68d570_NEIKI
- Size
  
  72KB
- MD5
  
  e0901fb2a796284c0c19d89ffd68d570
- SHA1
  
  bac1139b560e5ec40d700f4199d6560cc518f3f5
- SHA256
  
  1695524bb4fe1b67e3554e5b35b4b7618fa7016300b0352969e26b1df2f5b957
- SHA512
  
  932b8f716133af3aafcfc3e80f5f12042777a7e4c50c83d40ea8578850bc0970e630984f761dacb1954a2ec84044ac71e96d25b0e7353b95d137dff0fbc62a75
- SSDEEP
  
  1536:jM40uLdZQ5UhqO60qYJp083sz7n1yF8z/65m:jMOZc8qO609p0Zz7n1u8T65m
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2