General
-
Target
NEAS.7122634562f995d36fff8e9167b6f6c0.exe
-
Size
547KB
-
Sample
231013-y8r5raah3s
-
MD5
7122634562f995d36fff8e9167b6f6c0
-
SHA1
618c9d1688b9aaed842c4ed858ea19a4591bc536
-
SHA256
9d323fbffaa53c64c1bafa92f305630ca48dce8cd835d8d1e4244690483c1fd7
-
SHA512
7bc528ff258ddf6bfd2b94056421273ad41ebb7147e28a456ddf98a04286d072ac7e72ad76ebab8bf577b57f1607ac959a26e8c86534a7cd622e0eca7747b4d2
-
SSDEEP
6144:/pW2bgbbV28okoS1oWMkdlZQ5iinNrv26mYEZzROV7vdg:/pW2IoioS6pV+
Static task
static1
Behavioral task
behavioral1
Sample
NEAS.7122634562f995d36fff8e9167b6f6c0.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
NEAS.7122634562f995d36fff8e9167b6f6c0.exe
Resource
win10v2004-20230915-en
Malware Config
Targets
-
-
Target
NEAS.7122634562f995d36fff8e9167b6f6c0.exe
Score
10/10
-
Disables Task Manager via registry modification
-
Possible privilege escalation attempt
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Modifies file permissions
-
Modifies system executable filetype association
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1
Bypass User Account Control
1
Event Triggered Execution
1
Change Default File Association
1