Overview

overview

10

Static

static

3

NEAS.6b350...f0.exe

windows7-x64

10

NEAS.6b350...f0.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NEAS.6b350b9a1e7019e20a5a58154c0da5f0.exe

  • Size

    42KB

  • Sample

    231022-vw28eafh39

  • MD5

    6b350b9a1e7019e20a5a58154c0da5f0

  • SHA1

    a31bdc6b6e73477f6a33aa97950c0c26f988b940

  • SHA256

    5406ad0762e377ca96816935dd64b643f472cdb530d0350cf3ee9799e0315dcc

  • SHA512

    40a59624595164dbff92a64648f309808f97d69a327849bf80bc7d9b1935ea29e8c5092295559eb4be71ba6de1ccafead29157d607983dc3fc99775036bf590e

  • SSDEEP

    768:WAUJmQCcmLCXQq6fsKiJYsIkjJVzqsVG5kuGVAQvWI:RUNHFKQbIkHvGkAE

Score
10/10
evasionpersistencetrojan

Malware Config

Targets

    • Target

      NEAS.6b350b9a1e7019e20a5a58154c0da5f0.exe

    • Size

      42KB

    • MD5

      6b350b9a1e7019e20a5a58154c0da5f0

    • SHA1

      a31bdc6b6e73477f6a33aa97950c0c26f988b940

    • SHA256

      5406ad0762e377ca96816935dd64b643f472cdb530d0350cf3ee9799e0315dcc

    • SHA512

      40a59624595164dbff92a64648f309808f97d69a327849bf80bc7d9b1935ea29e8c5092295559eb4be71ba6de1ccafead29157d607983dc3fc99775036bf590e

    • SSDEEP

      768:WAUJmQCcmLCXQq6fsKiJYsIkjJVzqsVG5kuGVAQvWI:RUNHFKQbIkHvGkAE

    Score
    10/10
    evasionpersistencetrojan

    • Windows security bypass

      evasiontrojan

    • Drops file in Drivers directory

    • Modifies Installed Components in the registry

      persistence

    • Sets file execution options in registry

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

      evasiontrojan

    • Modifies WinLogon

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks