Overview

overview

10

Static

static

3

3a16bff5b8...KI.exe

windows7-x64

10

3a16bff5b8...KI.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    3a16bff5b879fc61ba2e0cf0a868119d_NEIKI

  • Size

    89KB

  • Sample

    240509-pnhadahe5v

  • MD5

    3a16bff5b879fc61ba2e0cf0a868119d

  • SHA1

    3968bf02b8406bc63532ed957a27ad5f2f4fc6bf

  • SHA256

    0078af69de18ca73d6d9b0d8d3a30c465a1ecd10e4047d846b64638105cdb47e

  • SHA512

    fab3b072a7f24cdedc90ac6f058bd3a57781443829e231f26f9f9df436b7c9509904d5e48f45b9a6c0f3c0ebd856b2d213d9ed66442594bdaaf9224a80d999b4

  • SSDEEP

    1536:WEsNtuZBHhSw8hXUZEWJ6LEeINFm0m8ak2DcFoyP9vrPcclExkg8Fk:WE+turHhEhXJW9eINF/n2wvPlPcclaky

Score
10/10
persistence

Malware Config

Targets

    • Target

      3a16bff5b879fc61ba2e0cf0a868119d_NEIKI

    • Size

      89KB

    • MD5

      3a16bff5b879fc61ba2e0cf0a868119d

    • SHA1

      3968bf02b8406bc63532ed957a27ad5f2f4fc6bf

    • SHA256

      0078af69de18ca73d6d9b0d8d3a30c465a1ecd10e4047d846b64638105cdb47e

    • SHA512

      fab3b072a7f24cdedc90ac6f058bd3a57781443829e231f26f9f9df436b7c9509904d5e48f45b9a6c0f3c0ebd856b2d213d9ed66442594bdaaf9224a80d999b4

    • SSDEEP

      1536:WEsNtuZBHhSw8hXUZEWJ6LEeINFm0m8ak2DcFoyP9vrPcclExkg8Fk:WE+turHhEhXJW9eINF/n2wvPlPcclaky

    Score
    10/10
    persistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks