034b6847bb5805fe1b6f2a3a39891ca73c787643862e27b2e483b53a1e93655f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dae0c17777590468e97838787e79da90_NEIKI
Size

434KB
Sample

240509-dp72msac38
MD5

dae0c17777590468e97838787e79da90
SHA1

8baa4aadb2f5032f63608f32fc1de3b0a36efdc5
SHA256

034b6847bb5805fe1b6f2a3a39891ca73c787643862e27b2e483b53a1e93655f
SHA512

03bcf08cc05ad2f9003fbfbc7a005388967d2847a4002445269ac517aafb1f88c6f051f4370ff317407945a569c253ee293b259f8c9edaa655e070dc8a117432
SSDEEP

6144:hBGXjAQTxSGYwVnXMo0X+mYJhqoxGfDxIAmZ4IB2mMWjWVWreN3SUeDRiwxELHIt:hsjAvG

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  dae0c17777590468e97838787e79da90_NEIKI
- Size
  
  434KB
- MD5
  
  dae0c17777590468e97838787e79da90
- SHA1
  
  8baa4aadb2f5032f63608f32fc1de3b0a36efdc5
- SHA256
  
  034b6847bb5805fe1b6f2a3a39891ca73c787643862e27b2e483b53a1e93655f
- SHA512
  
  03bcf08cc05ad2f9003fbfbc7a005388967d2847a4002445269ac517aafb1f88c6f051f4370ff317407945a569c253ee293b259f8c9edaa655e070dc8a117432
- SSDEEP
  
  6144:hBGXjAQTxSGYwVnXMo0X+mYJhqoxGfDxIAmZ4IB2mMWjWVWreN3SUeDRiwxELHIt:hsjAvG
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2