Overview

overview

10

Static

static

3

NEAS.59237...a0.exe

windows7-x64

10

NEAS.59237...a0.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    NEAS.59237f98619918789d844c53a6b11ca0.exe

  • Size

    21KB

  • Sample

    231101-jfza2acd41

  • MD5

    59237f98619918789d844c53a6b11ca0

  • SHA1

    c59e409cc9985c0e3ed5be5c1310bc861afcc395

  • SHA256

    753e9a7b2ceafc387b493a78cb67b3b7f5ae64e6fb34b37b5ccc8bfdf8b088f3

  • SHA512

    5ef9a72b6eec847da45c49f2dea38d2d9ef053a950bd64e806e27ec94d48c2f4fe80d294427e93a89e9f9fc3828ad54d7b79d604a73c686bd60b64eaefd612c3

  • SSDEEP

    384:jIz4RzfVzXQnpFurRW+ntZHu6sJuDwSXgqD5jbF4p:jIURpzAp+RFtNvGuDwMip

Score
10/10
evasionpersistencetrojanupx

Malware Config

Targets

    • Target

      NEAS.59237f98619918789d844c53a6b11ca0.exe

    • Size

      21KB

    • MD5

      59237f98619918789d844c53a6b11ca0

    • SHA1

      c59e409cc9985c0e3ed5be5c1310bc861afcc395

    • SHA256

      753e9a7b2ceafc387b493a78cb67b3b7f5ae64e6fb34b37b5ccc8bfdf8b088f3

    • SHA512

      5ef9a72b6eec847da45c49f2dea38d2d9ef053a950bd64e806e27ec94d48c2f4fe80d294427e93a89e9f9fc3828ad54d7b79d604a73c686bd60b64eaefd612c3

    • SSDEEP

      384:jIz4RzfVzXQnpFurRW+ntZHu6sJuDwSXgqD5jbF4p:jIURpzAp+RFtNvGuDwMip

    Score
    10/10
    evasionpersistencetrojanupx

    • Windows security bypass

      evasiontrojan

    • Drops file in Drivers directory

    • Modifies Installed Components in the registry

      persistence

    • Sets file execution options in registry

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Windows security modification

      evasiontrojan

    • Modifies WinLogon

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks