General

  • Target

    NEAS.c65b38c8e578fe8c712b85ba4155c0d0_JC.exe

  • Size

    20KB

  • Sample

    231105-bgezsagh71

  • MD5

    c65b38c8e578fe8c712b85ba4155c0d0

  • SHA1

    c3640c4dbfb66013adcdafe470e07df09db5c0af

  • SHA256

    8c124fd5e2e033d590048797a022f68d55d78412a34b42bbe2220da0b4ec23fc

  • SHA512

    610cbbec3bb3c43836b9390f2e2e090c18f8b0c1acd592123c7a2a63225181ac2d987eb72c3f2d38a9c658a11f57863db30ea39e67cebd881265e8d4b8330a13

  • SSDEEP

    384:jIz4B3bvDV6NAb4b69+g3bDA75vWM5DiNsCrxzUeQAzKF4f7eaAnHcGpUksw:jIUB3d6NG429R3bcv5Dim896PpUk/

Targets

    • Windows security bypass

    • Drops file in Drivers directory

    • Modifies Installed Components in the registry

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Windows security modification

    • Modifies WinLogon

    • Drops file in System32 directory
