General
-
Target
NEAS.e0754f2de020c1527078b68a2be5e9a0.exe
-
Size
67KB
-
Sample
231014-j74d3aba99
-
MD5
e0754f2de020c1527078b68a2be5e9a0
-
SHA1
16873c62694c96958cb33abeb66a431de408c88b
-
SHA256
e7767d565ff867d2caf098719a6207fba89493c8772cb53678d8db170d4135db
-
SHA512
c6f99bc6ca95fdf7aff98c5feea540d886b877198c004a625bac928a8dadcbcd1b7011d104d26cd4b2ca1b95fcffe1e64a15d6a392e63187c2193b0a9533ac1c
-
SSDEEP
1536:EgXsfgWQN1kYsRxWTg3PwSWe991Rdolpdz6JAkATOOOOOOOOOOOOOOOOOOOOOOOJ:1tWYfGATvPe9slp+ApTOOOOOOOOOOOOC
Malware Config
Targets
-
-
Target
NEAS.e0754f2de020c1527078b68a2be5e9a0.exe
-
Size
67KB
-
MD5
e0754f2de020c1527078b68a2be5e9a0
-
SHA1
16873c62694c96958cb33abeb66a431de408c88b
-
SHA256
e7767d565ff867d2caf098719a6207fba89493c8772cb53678d8db170d4135db
-
SHA512
c6f99bc6ca95fdf7aff98c5feea540d886b877198c004a625bac928a8dadcbcd1b7011d104d26cd4b2ca1b95fcffe1e64a15d6a392e63187c2193b0a9533ac1c
-
SSDEEP
1536:EgXsfgWQN1kYsRxWTg3PwSWe991Rdolpdz6JAkATOOOOOOOOOOOOOOOOOOOOOOOJ:1tWYfGATvPe9slp+ApTOOOOOOOOOOOOC
Score10/10-
Modifies WinLogon for persistence
-
Modifies visiblity of hidden/system files in Explorer
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1