Overview

overview

10

Static

static

3

NEAS.ecab2...00.exe

windows7-x64

10

NEAS.ecab2...00.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    NEAS.ecab2ca363e790998d3e23b8819e3d00.exe

  • Size

    149KB

  • Sample

    231014-x93gfacd95

  • MD5

    ecab2ca363e790998d3e23b8819e3d00

  • SHA1

    5b6a6243575b7d75602ff84da153908c1439c17b

  • SHA256

    4c482f336a46ab1c6940cf24164ee4e67cba076611d46d9a6953d36740cba203

  • SHA512

    5b7c42f9e5fc367710e33711ff39ebd797457d39e364e1c1c2d09459d624a5b735df8901ba85dc006acb3b9292d4108e6052dd6b771e74efc8b9b25db8d490a1

  • SSDEEP

    1536:TMFJk2N4T/NuCZAevofXtMRTRx4fkKeTPyxVvtj0JOfz5UiG4rVobdIzdVXlIV4U:T/VNiYFHDPE5HFMWVVb0WXDhKh9Hj1

Score
10/10
evasion

Malware Config

Targets

    • Target

      NEAS.ecab2ca363e790998d3e23b8819e3d00.exe

    • Size

      149KB

    • MD5

      ecab2ca363e790998d3e23b8819e3d00

    • SHA1

      5b6a6243575b7d75602ff84da153908c1439c17b

    • SHA256

      4c482f336a46ab1c6940cf24164ee4e67cba076611d46d9a6953d36740cba203

    • SHA512

      5b7c42f9e5fc367710e33711ff39ebd797457d39e364e1c1c2d09459d624a5b735df8901ba85dc006acb3b9292d4108e6052dd6b771e74efc8b9b25db8d490a1

    • SSDEEP

      1536:TMFJk2N4T/NuCZAevofXtMRTRx4fkKeTPyxVvtj0JOfz5UiG4rVobdIzdVXlIV4U:T/VNiYFHDPE5HFMWVVb0WXDhKh9Hj1

    Score
    10/10
    evasion

    • Modifies visibility of file extensions in Explorer

      evasion

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks