266b568058fc3a4d90440bec4999bc43f88d3958b6a7babaeb7acc7eddfaacf7 | Triage

Sharing

General

Target

d08b67ddd3ca0eb22875e654bb9bc0e1_NEIKI
Size

896KB
Sample

240509-pvdwjaaa2t
MD5

d08b67ddd3ca0eb22875e654bb9bc0e1
SHA1

06e0e81c7304a8f60c1ca81e05466c9db31f02de
SHA256

266b568058fc3a4d90440bec4999bc43f88d3958b6a7babaeb7acc7eddfaacf7
SHA512

f6123f2b197cfbab95911abec5681c5e2bb26e518c4d87aeb8734d30b7f2777833060a32baf0c3518c490089f049a65a374ae20f7aa828d432214d6978111719
SSDEEP

12288:9hXJv/ByvNv54B9f01ZmHByvNv5VwLonfBHLqF1Nw5ILonfByvNv5HV:vJvovr4B9f01ZmQvrUENOVvr1

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  d08b67ddd3ca0eb22875e654bb9bc0e1_NEIKI
- Size
  
  896KB
- MD5
  
  d08b67ddd3ca0eb22875e654bb9bc0e1
- SHA1
  
  06e0e81c7304a8f60c1ca81e05466c9db31f02de
- SHA256
  
  266b568058fc3a4d90440bec4999bc43f88d3958b6a7babaeb7acc7eddfaacf7
- SHA512
  
  f6123f2b197cfbab95911abec5681c5e2bb26e518c4d87aeb8734d30b7f2777833060a32baf0c3518c490089f049a65a374ae20f7aa828d432214d6978111719
- SSDEEP
  
  12288:9hXJv/ByvNv54B9f01ZmHByvNv5VwLonfBHLqF1Nw5ILonfByvNv5HV:vJvovr4B9f01ZmQvrUENOVvr1
Score

10^/10

persistence
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2