Overview

overview

10

Static

static

7

NEAS.6d758...c0.exe

windows7-x64

10

NEAS.6d758...c0.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NEAS.6d758cb67a111a85b314bb0d939702c0.exe

  • Size

    19KB

  • Sample

    231022-vw5njafh82

  • MD5

    6d758cb67a111a85b314bb0d939702c0

  • SHA1

    fc1e533e311b25d480fbef9964ed285ba0f1d35c

  • SHA256

    6bb4c6714e3089cb51daa14615c0ab9425c282ce6a6fbf16b7c6cf213985e9cf

  • SHA512

    737da7ef8790fa3d24b24ff49affe901fcbe807f02fbbfa731867dfe29d5cb80de4fa40d1f8a4b35be402008e4a5de543708f06b96806c9ae9d5e434e4ee850d

  • SSDEEP

    384:UBWoC5GDr6wc/w3HgM6vDUTAXBGCVf4WVlFvX+faArc:rRkiLw3HsDSARGG/uJA

Score
10/10
evasionpersistencetrojanupx

Malware Config

Targets

    • Target

      NEAS.6d758cb67a111a85b314bb0d939702c0.exe

    • Size

      19KB

    • MD5

      6d758cb67a111a85b314bb0d939702c0

    • SHA1

      fc1e533e311b25d480fbef9964ed285ba0f1d35c

    • SHA256

      6bb4c6714e3089cb51daa14615c0ab9425c282ce6a6fbf16b7c6cf213985e9cf

    • SHA512

      737da7ef8790fa3d24b24ff49affe901fcbe807f02fbbfa731867dfe29d5cb80de4fa40d1f8a4b35be402008e4a5de543708f06b96806c9ae9d5e434e4ee850d

    • SSDEEP

      384:UBWoC5GDr6wc/w3HgM6vDUTAXBGCVf4WVlFvX+faArc:rRkiLw3HsDSARGG/uJA

    Score
    10/10
    evasionpersistencetrojanupx

    • Windows security bypass

      evasiontrojan

    • Drops file in Drivers directory

    • Modifies Installed Components in the registry

      persistence

    • Sets file execution options in registry

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Windows security modification

      evasiontrojan

    • Modifies WinLogon

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks