Overview

overview

10

Static

static

7

NEAS.a499e...c0.exe

windows7-x64

10

NEAS.a499e...c0.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NEAS.a499e89b1f8f7299b45769b18f6935c0.exe

  • Size

    32KB

  • Sample

    231016-w6eersag46

  • MD5

    a499e89b1f8f7299b45769b18f6935c0

  • SHA1

    707a5e2475196bdbdc1c5209a519ea9f7fb21c61

  • SHA256

    a70b4dddf26e1940f49d61bf1d6fa119fa531a61ab23b5841780ce19eac2b36d

  • SHA512

    68c21802494ed2de3fb1da23461e7daf36516a8585773d5a9940cea3eee7428e5386f7bed71ede76351a84db7c82804f100dca8a174c0e3f5ea81efe7d842b8b

  • SSDEEP

    768:tQbuQRy2UjmUndnlTttxDn+3jiSkjRY6AB7kKfYoJ+ifBEewzK+:QuQRylaUDTDxDXjy6AB7koYy2b

Score
10/10
evasionpersistencetrojanupx

Malware Config

Targets

    • Target

      NEAS.a499e89b1f8f7299b45769b18f6935c0.exe

    • Size

      32KB

    • MD5

      a499e89b1f8f7299b45769b18f6935c0

    • SHA1

      707a5e2475196bdbdc1c5209a519ea9f7fb21c61

    • SHA256

      a70b4dddf26e1940f49d61bf1d6fa119fa531a61ab23b5841780ce19eac2b36d

    • SHA512

      68c21802494ed2de3fb1da23461e7daf36516a8585773d5a9940cea3eee7428e5386f7bed71ede76351a84db7c82804f100dca8a174c0e3f5ea81efe7d842b8b

    • SSDEEP

      768:tQbuQRy2UjmUndnlTttxDn+3jiSkjRY6AB7kKfYoJ+ifBEewzK+:QuQRylaUDTDxDXjy6AB7koYy2b

    Score
    10/10
    evasionpersistencetrojanupx

    • Windows security bypass

      evasiontrojan

    • Modifies Installed Components in the registry

      persistence

    • Sets file execution options in registry

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Windows security modification

      evasiontrojan

    • Modifies WinLogon

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks