c7e5780bde2dfd7babd6c1fc03adc4d3f1cf84acd0f877c099b48a1119b90150 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bbef2fe9e06ff13cd822c05406d124b5_NEIKI
Size

33KB
Sample

240509-mjlqwsda3s
MD5

bbef2fe9e06ff13cd822c05406d124b5
SHA1

25f3cb822a7ae0dcf7717d2f481ae3c9693fc943
SHA256

c7e5780bde2dfd7babd6c1fc03adc4d3f1cf84acd0f877c099b48a1119b90150
SHA512

114f36f998d9bc0344fc360d8f9dcd1954bd038686aa25fd9fa1c6e2c528e066610d38fa277526101436b4dc3137b1bb2cd27a50db2c2737ed713c6aa4978fbf
SSDEEP

384:MApc8m4e0LvQak4JI341CNabnkIU0Sq0+:MApQr0LvdFJI34nTkIU0E+

Score

7^/10

Malware Config

Targets

- Target
  
  bbef2fe9e06ff13cd822c05406d124b5_NEIKI
- Size
  
  33KB
- MD5
  
  bbef2fe9e06ff13cd822c05406d124b5
- SHA1
  
  25f3cb822a7ae0dcf7717d2f481ae3c9693fc943
- SHA256
  
  c7e5780bde2dfd7babd6c1fc03adc4d3f1cf84acd0f877c099b48a1119b90150
- SHA512
  
  114f36f998d9bc0344fc360d8f9dcd1954bd038686aa25fd9fa1c6e2c528e066610d38fa277526101436b4dc3137b1bb2cd27a50db2c2737ed713c6aa4978fbf
- SSDEEP
  
  384:MApc8m4e0LvQak4JI341CNabnkIU0Sq0+:MApQr0LvdFJI34nTkIU0E+
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2