eb3111fa49c241bca8feb1d160b2b2741f6defa5bf54f0905e713d236aa16f16 | Triage

Sharing

General

Target

e66aed98620407c223c7f3ae250049e0_NEIKI
Size

192KB
Sample

240509-eg9e6scb68
MD5

e66aed98620407c223c7f3ae250049e0
SHA1

7c5d3a2bd68609c54b2e64e9d821f4a710baa66d
SHA256

eb3111fa49c241bca8feb1d160b2b2741f6defa5bf54f0905e713d236aa16f16
SHA512

e1dfab5b6049641cafbe825cc32f90eaf7d8df93745a2ce737a10949e80c6c9051173dc3856b440544561b86f14d0f6ca77a22e67cca5542de1944361b84b02b
SSDEEP

3072:o+DAN0hj6VKV8yBuwdarlOGA8d2E2fAYjmjRrz3EdoQO6+bQ+:o+K0hjSK+yjdRXE2fAEGD16+bJ

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  e66aed98620407c223c7f3ae250049e0_NEIKI
- Size
  
  192KB
- MD5
  
  e66aed98620407c223c7f3ae250049e0
- SHA1
  
  7c5d3a2bd68609c54b2e64e9d821f4a710baa66d
- SHA256
  
  eb3111fa49c241bca8feb1d160b2b2741f6defa5bf54f0905e713d236aa16f16
- SHA512
  
  e1dfab5b6049641cafbe825cc32f90eaf7d8df93745a2ce737a10949e80c6c9051173dc3856b440544561b86f14d0f6ca77a22e67cca5542de1944361b84b02b
- SSDEEP
  
  3072:o+DAN0hj6VKV8yBuwdarlOGA8d2E2fAYjmjRrz3EdoQO6+bQ+:o+K0hjSK+yjdRXE2fAEGD16+bJ
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2