a0bff705bd210f42035e3d3fb75c29d6a5ec0e5124903e0bec04e851e97ea4de | Triage

Submit
Reports

Overview

overview

7

Static

static

3

NEAS.86569...80.exe

windows7-x64

7

NEAS.86569...80.exe

windows10-2004-x64

7

Sharing

General

Target

NEAS.865696398a78e7f7ed145b58968a2380.exe
Size

4.6MB
Sample

231101-rjw9vadf2x
MD5

865696398a78e7f7ed145b58968a2380
SHA1

aa332b01ec7cfe59d8e8dddc0c4e8212ae60c2d1
SHA256

a0bff705bd210f42035e3d3fb75c29d6a5ec0e5124903e0bec04e851e97ea4de
SHA512

75f591d1f0ae4dabb2840fa11a55120e497d1bbd4361a462760adca1808bd9cf15c48caa6f6611ead1a1513b5f3074aaf52961f06734efa9a5f5edc6acc762fb
SSDEEP

98304:a625YaX+gAH+as+10GETZCSS9SCc6LcRMg9:avSaOJejyQESCc6q

Score

7^/10

evasion upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

NEAS.865696398a78e7f7ed145b58968a2380.exe

Resource

win7-20231020-en

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

NEAS.865696398a78e7f7ed145b58968a2380.exe

Resource

win10v2004-20231023-en

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  NEAS.865696398a78e7f7ed145b58968a2380.exe
- Size
  
  4.6MB
- MD5
  
  865696398a78e7f7ed145b58968a2380
- SHA1
  
  aa332b01ec7cfe59d8e8dddc0c4e8212ae60c2d1
- SHA256
  
  a0bff705bd210f42035e3d3fb75c29d6a5ec0e5124903e0bec04e851e97ea4de
- SHA512
  
  75f591d1f0ae4dabb2840fa11a55120e497d1bbd4361a462760adca1808bd9cf15c48caa6f6611ead1a1513b5f3074aaf52961f06734efa9a5f5edc6acc762fb
- SSDEEP
  
  98304:a625YaX+gAH+as+10GETZCSS9SCc6LcRMg9:avSaOJejyQESCc6q
Score

7^/10

evasion upx
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
  evasion
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy