ee5c3f7736d641955a4e22b1e933303c25c973edf6ff65cbcc0e0482ccb8206d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

030831baf95d38cd6b011f47fc187620_NEIKI
Size

64KB
Sample

240509-k2faqach62
MD5

030831baf95d38cd6b011f47fc187620
SHA1

73e48678b5f1ac3072e6bd4009f1e412a1f7b3b3
SHA256

ee5c3f7736d641955a4e22b1e933303c25c973edf6ff65cbcc0e0482ccb8206d
SHA512

c2736263b756e74b77444854faf8a3e93ceff5197f1b6b5d3877df83351fba2925daccb7314816ab0964c63978d06e1c61c4b1849b76d4dea49aad5e78c194a7
SSDEEP

1536:knqxPvFmyHTVdV3NvVppBSs9lLBsLnVLdGUHyNwi:kubBd9his9lLBsLnVUUHyNwi

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  030831baf95d38cd6b011f47fc187620_NEIKI
- Size
  
  64KB
- MD5
  
  030831baf95d38cd6b011f47fc187620
- SHA1
  
  73e48678b5f1ac3072e6bd4009f1e412a1f7b3b3
- SHA256
  
  ee5c3f7736d641955a4e22b1e933303c25c973edf6ff65cbcc0e0482ccb8206d
- SHA512
  
  c2736263b756e74b77444854faf8a3e93ceff5197f1b6b5d3877df83351fba2925daccb7314816ab0964c63978d06e1c61c4b1849b76d4dea49aad5e78c194a7
- SSDEEP
  
  1536:knqxPvFmyHTVdV3NvVppBSs9lLBsLnVLdGUHyNwi:kubBd9his9lLBsLnVUUHyNwi
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2