Overview

overview

10

Static

static

3

NEAS.e54f6...c0.exe

windows7-x64

10

NEAS.e54f6...c0.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NEAS.e54f61439134cb5a2ce9bed9333e58c0.exe

  • Size

    357KB

  • Sample

    231028-y2pfaadg73

  • MD5

    e54f61439134cb5a2ce9bed9333e58c0

  • SHA1

    a2b4f0ece512cc9934824493c268c26166aac54e

  • SHA256

    e0abc4838c048ffd7598b0e52530b887ee9048c0b5ca98dbc0984b17db293631

  • SHA512

    80ec20727e473d60b6b1586cae0b21dac1692493bae442fc4ee23cacdd63047ffa27035afebf75d74316e364ba1436f56298543071450715af5bf3c7d4b01318

  • SSDEEP

    6144:/pW2bgbbV28okoS1oWMkdlZQ5iinNUocMs:/pW2IoioS6C7

Score
10/10
discoveryevasionexploitpersistencetrojan

Malware Config

Targets

    • Target

      NEAS.e54f61439134cb5a2ce9bed9333e58c0.exe

    • Size

      357KB

    • MD5

      e54f61439134cb5a2ce9bed9333e58c0

    • SHA1

      a2b4f0ece512cc9934824493c268c26166aac54e

    • SHA256

      e0abc4838c048ffd7598b0e52530b887ee9048c0b5ca98dbc0984b17db293631

    • SHA512

      80ec20727e473d60b6b1586cae0b21dac1692493bae442fc4ee23cacdd63047ffa27035afebf75d74316e364ba1436f56298543071450715af5bf3c7d4b01318

    • SSDEEP

      6144:/pW2bgbbV28okoS1oWMkdlZQ5iinNUocMs:/pW2IoioS6C7

    Score
    10/10
    discoveryevasionexploitpersistencetrojan

    • UAC bypass

      evasiontrojan

    • Disables Task Manager via registry modification

      evasion

    • Possible privilege escalation attempt

      exploit

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Modifies file permissions

      discovery

    • Modifies system executable filetype association

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks