15d4a485aca08a170ac2495253788b5ed5bb5915674f0e48938cd21b0201fe4d | Triage

Submit
Reports

Overview

overview

Static

static

7

NEAS.154e3...JC.exe

windows7-x64

NEAS.154e3...JC.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.154e31945d2bd09fd27266ad870c3ef0_JC.exe
Size

160KB
Sample

231103-rhphlsed94
MD5

154e31945d2bd09fd27266ad870c3ef0
SHA1

07d51afe1841d3aa69aebb48cec1d30055da787b
SHA256

15d4a485aca08a170ac2495253788b5ed5bb5915674f0e48938cd21b0201fe4d
SHA512

3e61d16e265eefe8366f8fbe1afe984a8ba07fb621dea2e34c0dbd326d4db3a1e71bfa6e5dd53d1d4afa2576ecabd56f601936c861091fda863b4fd2595ee769
SSDEEP

1536:uuQRyle0Y9WV32pauUIgVHyPuWU0ucXDveteBM2mlmo7pd5QMKA:FQMle0wQ32QuxAHyPuWUpcS4cd5QMKA

Score

10^/10

evasion persistence trojan upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

NEAS.154e31945d2bd09fd27266ad870c3ef0_JC.exe

Resource

win7-20231025-en

evasion persistence trojan upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

NEAS.154e31945d2bd09fd27266ad870c3ef0_JC.exe

Resource

win10v2004-20231025-en

evasion persistence trojan upx

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  NEAS.154e31945d2bd09fd27266ad870c3ef0_JC.exe
- Size
  
  160KB
- MD5
  
  154e31945d2bd09fd27266ad870c3ef0
- SHA1
  
  07d51afe1841d3aa69aebb48cec1d30055da787b
- SHA256
  
  15d4a485aca08a170ac2495253788b5ed5bb5915674f0e48938cd21b0201fe4d
- SHA512
  
  3e61d16e265eefe8366f8fbe1afe984a8ba07fb621dea2e34c0dbd326d4db3a1e71bfa6e5dd53d1d4afa2576ecabd56f601936c861091fda863b4fd2595ee769
- SSDEEP
  
  1536:uuQRyle0Y9WV32pauUIgVHyPuWU0ucXDveteBM2mlmo7pd5QMKA:FQMle0wQ32QuxAHyPuWUpcS4cd5QMKA
Score

10^/10

evasion persistence trojan upx
- Windows security bypass
  evasion trojan
- Modifies Installed Components in the registry
  persistence
- Sets file execution options in registry
  persistence
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Windows security modification
  evasion trojan
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojanupx

behavioral2

evasionpersistencetrojanupx

© 2018-2025

Terms | Privacy