General

  • Target

    NEAS.d33e60f3d729c3d76233258601398387.exe

  • Size

    157KB

  • Sample

    231031-kkw7xacd96

  • MD5

    d33e60f3d729c3d76233258601398387

  • SHA1

    ce407014f7b07cf54076f93cae7569330069a098

  • SHA256

    5bd781d69f61aefe65034c6602a9ddcfc8ca2d0b1e19c6e240126efe29994bdc

  • SHA512

    f6a4b02717916f5c86206ae36d8d02159c3cdb88d12ca44938c7537bbc0f060aab1f6040429b24339223155a13dd168382de329f286dcbae54d4289759f37bed

  • SSDEEP

    384:+BdCJAKQDuuOFZyUVpULCgDb2prxVTw24I+6Al6zKyXxKDglgTlkgUH/a7wwwp:MdCyTDcZyUpULCgodM96eyXsOf4wwwp

Score
8/10

Targets

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
