General

  • Target

    a259bb355a4bdcf5b9a153cebe89d09f_NEIKI

  • Size

    134KB

  • Sample

    240509-pshrpscf78

  • MD5

    a259bb355a4bdcf5b9a153cebe89d09f

  • SHA1

    35009ac3910d078dc7362f87dd447efb5edededa

  • SHA256

    94a6e5e6284edb048595b78b08bfb00673a3a4cec0b92984c63f7f3879a19125

  • SHA512

    6d3fc74795c6ac2450d8e4492032fb7fee6a9e2fad7e53b7db3fc174225c9912255d4efdaa3de9aa7813a1ab2ee240d40ebc60261f4d08712c5586414f333cef

  • SSDEEP

    1536:YGYU/W2/HG6QMauSV3ixJHABLrmhH7i9eNOOg00GqMIK7aGZh3SOO:YfU/WF6QMauSuiWNi9eNOl0007NZIOO

Score
7/10

Targets

    • Target

      a259bb355a4bdcf5b9a153cebe89d09f_NEIKI

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application
