Overview

overview

10

Static

static

7

NEAS.da37e...b0.exe

windows7-x64

10

NEAS.da37e...b0.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    NEAS.da37e3395071a32b7ad432d2ff7444b0.exe

  • Size

    61KB

  • Sample

    231028-y12dfsbf8x

  • MD5

    da37e3395071a32b7ad432d2ff7444b0

  • SHA1

    8bcf35c6fb87049c54c5f5640e8f2beb40e2ff71

  • SHA256

    b3b62a750dd928ea8ac8e68a595f3f4aaea223a23c1d548ad58412a5a415e641

  • SHA512

    8ccb6dbbba07dfc25a2793f5b21a15293c6f81a87d6f8b49821182f140b4e580eb81d10108e9bdf5670db8288fdb678e6a401b90a23dca2cfb8a9b5363a009e8

  • SSDEEP

    768:rAUJmQCcmLCXQq6fsKiJYsIkjJVzqsVG5kuGKQLddOW/74WvRY:sUNHFKQbIkHvGMdOU4r

Score
10/10
evasionpersistencetrojanupx

Malware Config

Targets

    • Target

      NEAS.da37e3395071a32b7ad432d2ff7444b0.exe

    • Size

      61KB

    • MD5

      da37e3395071a32b7ad432d2ff7444b0

    • SHA1

      8bcf35c6fb87049c54c5f5640e8f2beb40e2ff71

    • SHA256

      b3b62a750dd928ea8ac8e68a595f3f4aaea223a23c1d548ad58412a5a415e641

    • SHA512

      8ccb6dbbba07dfc25a2793f5b21a15293c6f81a87d6f8b49821182f140b4e580eb81d10108e9bdf5670db8288fdb678e6a401b90a23dca2cfb8a9b5363a009e8

    • SSDEEP

      768:rAUJmQCcmLCXQq6fsKiJYsIkjJVzqsVG5kuGKQLddOW/74WvRY:sUNHFKQbIkHvGMdOU4r

    Score
    10/10
    evasionpersistencetrojanupx

    • Windows security bypass

      evasiontrojan

    • Drops file in Drivers directory

    • Modifies Installed Components in the registry

      persistence

    • Sets file execution options in registry

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Windows security modification

      evasiontrojan

    • Modifies WinLogon

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks