Overview

overview

10

Static

static

3

0c9f31176a...KI.exe

windows7-x64

10

0c9f31176a...KI.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    0c9f31176a9874e4971b92156cc348c0_NEIKI

  • Size

    3.4MB

  • Sample

    240509-ljgaqsba5t

  • MD5

    0c9f31176a9874e4971b92156cc348c0

  • SHA1

    5c7074e158834279d94dd55f01803004e214d8f0

  • SHA256

    06a67c09d5431846afb71540e20757957ca6a29ab1afbc3e3f1368f0d18962cd

  • SHA512

    df86d27fba53da36412b8423d9d480ac22405fdaa08b295439aad579e352db3d34ed6a4f145c6f0d7f08819f1acc1e63a1fd01d6b2a6e127c4992750d43a4826

  • SSDEEP

    98304:hMORykujVH2ygvuPHzmmfu9+hcd5Cj2qH:h5MkuBWr+mGv6dUjjH

Score
10/10
persistence

Malware Config

Targets

    • Target

      0c9f31176a9874e4971b92156cc348c0_NEIKI

    • Size

      3.4MB

    • MD5

      0c9f31176a9874e4971b92156cc348c0

    • SHA1

      5c7074e158834279d94dd55f01803004e214d8f0

    • SHA256

      06a67c09d5431846afb71540e20757957ca6a29ab1afbc3e3f1368f0d18962cd

    • SHA512

      df86d27fba53da36412b8423d9d480ac22405fdaa08b295439aad579e352db3d34ed6a4f145c6f0d7f08819f1acc1e63a1fd01d6b2a6e127c4992750d43a4826

    • SSDEEP

      98304:hMORykujVH2ygvuPHzmmfu9+hcd5Cj2qH:h5MkuBWr+mGv6dUjjH

    Score
    10/10
    persistence

    • Modifies WinLogon for persistence

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks