General
-
Target
NEAS.1e07f0ca5cc5f41a0e9506a19c0917d0_JC.exe
-
Size
545KB
-
Sample
231103-h4s89adg4t
-
MD5
1e07f0ca5cc5f41a0e9506a19c0917d0
-
SHA1
55083109b7ca6eb45ca0f83e60e0598d7ece5787
-
SHA256
c77488deccb7e8483632196b2dcd6e6506b57465382c8bc4b1a67c097cbbc8f3
-
SHA512
a49878a36c05877a4b1b37e23a774c102f901b29fe341ab655ed8ac8614ec670d12af4eee9c6895517c9bf4b20e8c1aa32c161bc70dfbeb773095cde02f4de64
-
SSDEEP
6144:/pW2bgbbV28okoS1oWMkdlZQ5iioct0IwdNOut1VP75iphJz9r:/pW2IoioS66gphJz9r
Malware Config
Targets
-
-
Target
NEAS.1e07f0ca5cc5f41a0e9506a19c0917d0_JC.exe
-
Size
545KB
-
MD5
1e07f0ca5cc5f41a0e9506a19c0917d0
-
SHA1
55083109b7ca6eb45ca0f83e60e0598d7ece5787
-
SHA256
c77488deccb7e8483632196b2dcd6e6506b57465382c8bc4b1a67c097cbbc8f3
-
SHA512
a49878a36c05877a4b1b37e23a774c102f901b29fe341ab655ed8ac8614ec670d12af4eee9c6895517c9bf4b20e8c1aa32c161bc70dfbeb773095cde02f4de64
-
SSDEEP
6144:/pW2bgbbV28okoS1oWMkdlZQ5iioct0IwdNOut1VP75iphJz9r:/pW2IoioS66gphJz9r
Score10/10-
UAC bypass
-
Disables Task Manager via registry modification
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Modifies system executable filetype association
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Event Triggered Execution
1Change Default File Association
1