Overview

overview

10

Static

static

3

NEAS.4961a...70.exe

windows7-x64

10

NEAS.4961a...70.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    NEAS.4961af74906c6037a402d920986a0970.exe

  • Size

    148KB

  • Sample

    231016-wyk8cach5x

  • MD5

    4961af74906c6037a402d920986a0970

  • SHA1

    b098158033fa8700dc44d949b3b71d83d6fca389

  • SHA256

    07767de0fff058b1c14d409b695f64e2f1de34cebfc68dfc16857cb0e91ee204

  • SHA512

    ff19b3163365db725a86e4e8a6fa0d03fc8a10fdc13cea2b0cda3588e620eb56196820a0d50e4ded3e49f9ccb15fb121b8bbf1a2c8ea8c52963b4331cfd5e1f5

  • SSDEEP

    1536:nrel3XWo2VxyMcCbncBVZWX5HzvCxGYCBbxTNyThXPo:rC3XWoixXDncBV4X5HzKxGYCzTNyTJo

Score
10/10
evasionpersistence

Malware Config

Targets

    • Target

      NEAS.4961af74906c6037a402d920986a0970.exe

    • Size

      148KB

    • MD5

      4961af74906c6037a402d920986a0970

    • SHA1

      b098158033fa8700dc44d949b3b71d83d6fca389

    • SHA256

      07767de0fff058b1c14d409b695f64e2f1de34cebfc68dfc16857cb0e91ee204

    • SHA512

      ff19b3163365db725a86e4e8a6fa0d03fc8a10fdc13cea2b0cda3588e620eb56196820a0d50e4ded3e49f9ccb15fb121b8bbf1a2c8ea8c52963b4331cfd5e1f5

    • SSDEEP

      1536:nrel3XWo2VxyMcCbncBVZWX5HzvCxGYCBbxTNyThXPo:rC3XWoixXDncBV4X5HzKxGYCzTNyTJo

    Score
    10/10
    evasionpersistence

    • Modifies WinLogon for persistence

      persistence

    • Modifies visiblity of hidden/system files in Explorer

      evasion

    • Drops file in Drivers directory

    • Modifies Installed Components in the registry

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks