61d6cae97f9e85e75604b91f38e65843849a11891f44c5c64d14b7053da19643 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0656198149877bee87fc12bee72b0620_NEIKI
Size

35KB
Sample

240509-k677asad2s
MD5

0656198149877bee87fc12bee72b0620
SHA1

7fcf4eff4df823360891a5f309e5961516e6c920
SHA256

61d6cae97f9e85e75604b91f38e65843849a11891f44c5c64d14b7053da19643
SHA512

762f5deab17e6fa6cc4aec7e5f6e3898879565399611f4e07c8350a299c76b5840ae92e68baba869c5015abf55dce10ca4a1e6a047a2b9455b6f4cf0a7f1d2ff
SSDEEP

384:bA74uGLLQRcsdeQ72ngEr4K7YmE8j60nrlwfjDUgIunIVpeNs23mAA6lx+Z:bA74zYcgT/Ekd0ryfjPIunqpeNswm6+Z

Score

7^/10

Malware Config

Targets

- Target
  
  0656198149877bee87fc12bee72b0620_NEIKI
- Size
  
  35KB
- MD5
  
  0656198149877bee87fc12bee72b0620
- SHA1
  
  7fcf4eff4df823360891a5f309e5961516e6c920
- SHA256
  
  61d6cae97f9e85e75604b91f38e65843849a11891f44c5c64d14b7053da19643
- SHA512
  
  762f5deab17e6fa6cc4aec7e5f6e3898879565399611f4e07c8350a299c76b5840ae92e68baba869c5015abf55dce10ca4a1e6a047a2b9455b6f4cf0a7f1d2ff
- SSDEEP
  
  384:bA74uGLLQRcsdeQ72ngEr4K7YmE8j60nrlwfjDUgIunIVpeNs23mAA6lx+Z:bA74zYcgT/Ekd0ryfjPIunqpeNswm6+Z
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2