General

  • Target

    NEAS.17ece5418ec3512c0acadd89525ab360_JC.exe

  • Size

    13KB

  • Sample

    231103-flvcgsec75

  • MD5

    17ece5418ec3512c0acadd89525ab360

  • SHA1

    f89b647be14b6bbc9c7eb03849abed3f056c136d

  • SHA256

    3f099491fc204ae2c6e7b5a9e9b6fa587bddfbf3be475d255150bacb869c9428

  • SHA512

    a846e63af51072bb104856e73859f022cde568529b9794af9286cfb69522b7c81d33ff9164e7fd38f3e0a6ee04c6fa727511e7e2226d6b4406e0aaa07e8f1b0a

  • SSDEEP

    192:pjUWFh4fvYGIQnsA6psQ56uFaNJhLkwcud2DH9VwGfctQEAC5Es9Gsj5Efx8X5db:5KE7pD/aNJawcudoD7U55Es9GsGyz

Score
7/10

Targets

    • Target

      NEAS.17ece5418ec3512c0acadd89525ab360_JC.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application
