Overview

overview

10

Static

static

3

NEAS.95dfa...90.exe

windows7-x64

10

NEAS.95dfa...90.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    NEAS.95dfac8e665e4a2b202c35fc7de94890.exe

  • Size

    477KB

  • Sample

    231016-w46q8saa65

  • MD5

    95dfac8e665e4a2b202c35fc7de94890

  • SHA1

    88c9ebad5be7928bfec257188f8084ae047a3394

  • SHA256

    719661cef892f6760da42cf065f6ede19091f1bfcacceb3fce464f637c8a9eb2

  • SHA512

    d9cde1801da8e02ac056fa917eadf61565d73e27b95e6f989939741adbfb3c541dd482839dfd57fe0b0731bffe8be4dcda519d23008e3809c2b8373a64e338e2

  • SSDEEP

    6144:/pW2bgbbV28okoS1oWMkdlZQ5iinNs0t1TqePDmC+nvFkHmXY:/pW2IoioS6m+

Score
10/10
discoveryevasionexploitpersistencetrojan

Malware Config

Targets

    • Target

      NEAS.95dfac8e665e4a2b202c35fc7de94890.exe

    • Size

      477KB

    • MD5

      95dfac8e665e4a2b202c35fc7de94890

    • SHA1

      88c9ebad5be7928bfec257188f8084ae047a3394

    • SHA256

      719661cef892f6760da42cf065f6ede19091f1bfcacceb3fce464f637c8a9eb2

    • SHA512

      d9cde1801da8e02ac056fa917eadf61565d73e27b95e6f989939741adbfb3c541dd482839dfd57fe0b0731bffe8be4dcda519d23008e3809c2b8373a64e338e2

    • SSDEEP

      6144:/pW2bgbbV28okoS1oWMkdlZQ5iinNs0t1TqePDmC+nvFkHmXY:/pW2IoioS6m+

    Score
    10/10
    discoveryevasionexploitpersistencetrojan

    • UAC bypass

      evasiontrojan

    • Disables Task Manager via registry modification

      evasion

    • Possible privilege escalation attempt

      exploit

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Modifies file permissions

      discovery

    • Modifies system executable filetype association

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks