Overview

overview

7

Static

static

3

NEAS.d715f...d0.exe

windows7-x64

7

NEAS.d715f...d0.exe

windows10-2004-x64

6

Sharing

Copy URL Twitter E-mail

General

  • Target

    NEAS.d715f00295f03c8977aad12dcc5270d0.exe

  • Size

    140KB

  • Sample

    231102-vcj8gsdc76

  • MD5

    d715f00295f03c8977aad12dcc5270d0

  • SHA1

    7fc24f13b570aec9cabf3ed3b594719689509cb7

  • SHA256

    d376872a3f47cc3245c2843d4e23e177be0bc25ea123980195ffbb670857981f

  • SHA512

    4ca85f28e822904428300dfbfa5f23cecf780c4e5f76d1aaf9b399827a2110db6bdc0a206421e4d384fde29c5f604c88e2663f96db1d2e5fdcc666254e8caffb

  • SSDEEP

    3072:5DorJLbaT+jx3grZQ7tCJR+OqCfZy0znAMMkC64MC:6rJg0x3grC8+OqiZywI6LC

Score
7/10
discoverypersistence

Malware Config

Targets

    • Target

      NEAS.d715f00295f03c8977aad12dcc5270d0.exe

    • Size

      140KB

    • MD5

      d715f00295f03c8977aad12dcc5270d0

    • SHA1

      7fc24f13b570aec9cabf3ed3b594719689509cb7

    • SHA256

      d376872a3f47cc3245c2843d4e23e177be0bc25ea123980195ffbb670857981f

    • SHA512

      4ca85f28e822904428300dfbfa5f23cecf780c4e5f76d1aaf9b399827a2110db6bdc0a206421e4d384fde29c5f604c88e2663f96db1d2e5fdcc666254e8caffb

    • SSDEEP

      3072:5DorJLbaT+jx3grZQ7tCJR+OqCfZy0znAMMkC64MC:6rJg0x3grC8+OqiZywI6LC

    Score
    7/10
    persistencediscovery

    • Deletes itself

    • Adds Run key to start application

      persistence

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks