bf77ce78c1f635a8276cc1ce8d710ea7f6e60570975b16c430b34af9538e2e99 | Triage

Sharing

General

Target

0160447b5e617f5f91cd8aaa7981fa90_NEIKI
Size

352KB
Sample

240509-kyz6qacg33
MD5

0160447b5e617f5f91cd8aaa7981fa90
SHA1

ae8e0c6e2050b3daf3c1754169034e6d8458637e
SHA256

bf77ce78c1f635a8276cc1ce8d710ea7f6e60570975b16c430b34af9538e2e99
SHA512

bdadb8628610cd0b40c1af4cec5b1c09f421b3aeb2511e6b7b7f53f247b9d6f88ce6de1e1b57deb4425627aa73714a50a297e054ad28857197751b6ebe5e698b
SSDEEP

6144:gBLJJhEi3ggz9iWis/j9SrJz9ieis/j9SrJz9is/j9SrJwWisp:OLosUasUqsU6sp

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  0160447b5e617f5f91cd8aaa7981fa90_NEIKI
- Size
  
  352KB
- MD5
  
  0160447b5e617f5f91cd8aaa7981fa90
- SHA1
  
  ae8e0c6e2050b3daf3c1754169034e6d8458637e
- SHA256
  
  bf77ce78c1f635a8276cc1ce8d710ea7f6e60570975b16c430b34af9538e2e99
- SHA512
  
  bdadb8628610cd0b40c1af4cec5b1c09f421b3aeb2511e6b7b7f53f247b9d6f88ce6de1e1b57deb4425627aa73714a50a297e054ad28857197751b6ebe5e698b
- SSDEEP
  
  6144:gBLJJhEi3ggz9iWis/j9SrJz9ieis/j9SrJz9is/j9SrJwWisp:OLosUasUqsU6sp
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2