Overview

overview

8

Static

static

7

NEAS.0fa93...10.exe

windows7-x64

8

NEAS.0fa93...10.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    NEAS.0fa93c6ba24dc04b9530ef5940bfc210.exe

  • Size

    3.7MB

  • Sample

    231101-fdpr2aae7y

  • MD5

    0fa93c6ba24dc04b9530ef5940bfc210

  • SHA1

    1508f1b81d08a20758ef553a86e3c9652223a4d4

  • SHA256

    fb98d6d3d4e9730bc6e5e6febac17d29ee49ce28606eaafe12cd5bae3ab1ad45

  • SHA512

    62e99d5df86454d0bc2b86719d6bee77765d032f6c4af8691e2d6a24ad3bf15b962479902a03ab3b39a8ab34fb7eaba91762543bfc39717c939f14c2f49c4aa9

  • SSDEEP

    98304:e3obcEffDvnh88mNuHMiABZlZlpGiuKvBGMQ9jfn:es7nhVPPiXHGbkAhln

Score
8/10
persistencevmprotect

Malware Config

Targets

    • Target

      NEAS.0fa93c6ba24dc04b9530ef5940bfc210.exe

    • Size

      3.7MB

    • MD5

      0fa93c6ba24dc04b9530ef5940bfc210

    • SHA1

      1508f1b81d08a20758ef553a86e3c9652223a4d4

    • SHA256

      fb98d6d3d4e9730bc6e5e6febac17d29ee49ce28606eaafe12cd5bae3ab1ad45

    • SHA512

      62e99d5df86454d0bc2b86719d6bee77765d032f6c4af8691e2d6a24ad3bf15b962479902a03ab3b39a8ab34fb7eaba91762543bfc39717c939f14c2f49c4aa9

    • SSDEEP

      98304:e3obcEffDvnh88mNuHMiABZlZlpGiuKvBGMQ9jfn:es7nhVPPiXHGbkAhln

    Score
    8/10
    persistencevmprotect

    • Modifies AppInit DLL entries

      persistence

    • Executes dropped EXE

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks